Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Intermittent wifi issues and slow computer

Started by SumMom , Jul 04 2018 08:41 AM

Please log in to reply

#1
SumMom

Posted 04 July 2018 - 08:41 AM

Member

Member
69 posts

My laptop is very slow and occasionally the wifi drops while every other computer, smart phone, tablet, etc is unaffected. I'm not sure my laptop is infected with malware, but it's the next thing to check.

Thanks for your help!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018

Ran by Owner (administrator) on PC (04-07-2018 09:32:28)

Running from C:\Users\Owner\Desktop

Loaded Profiles: Owner (Available Profiles: Owner & Administrator)

Platform: Windows 10 Home Version 1709 16299.522 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(HP) C:\Windows\System32\HP3DDGService.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe

(Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe

(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe

(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\NisSrv.exe

(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe

(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe

(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-28] (AVAST Software)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.)

HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-13] (Flexera Software LLC.)

HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2015-09-03] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1278568 2017-09-07] (Carbonite, Inc.)

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION

Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google)

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [rUpdater agent] => C:\Users\Owner\AppData\Roaming\rUpdater Software\rUpdater\rUpdater_agent.exe

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-05-23] (Apple Inc.)

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-05-23] (Apple Inc.)

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-05-23] (Apple Inc.)

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-05-23] (Apple Inc.)

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [GoogleChromeAutoLaunch_721577D41E77D440C916E2687EBA0267] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1588568 2018-06-22] (Google Inc.)

Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk [2018-07-03]

ShortcutTarget: Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

GroupPolicyScripts: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{0c0a2277-4bd3-4e28-bd32-48f83edcc842}: [DhcpNameServer] 172.20.10.1

Tcpip\..\Interfaces\{6d8dd44a-b54f-4d3e-b5b2-28304bfcd113}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{b8f28657-6e8a-4fed-b22c-341d02a71645}: [DhcpNameServer] 192.168.1.1

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1

SearchScopes: HKU\S-1-5-21-3571816096-2060556278-31395193-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-05-27] (Microsoft Corporation)

BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)

BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll => No File

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-27] (Microsoft Corporation)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)

BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)

Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll No File

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll [2013-01-10] (Skype Technologies)

FireFox:

========

FF DefaultProfile: g5a5vmkh.default

FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\g5a5vmkh.default [2018-06-06]

FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi

FF Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2012-07-18] [Legacy] [not signed]

FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-04-28] [Legacy] [not signed]

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1232202.dll [2018-03-09] (Adobe Systems, Inc.)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-02] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-10] (Adobe Systems Inc.)

FF Plugin-x32: nuance.com/DragonRIAPlugin -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll [2012-07-18] (Nuance Communications Inc.)

Chrome:

=======

CHR HomePage: Default -> mysearch.avg.com

CHR StartupUrls: Default -> "hxxps://outlook.live.com/owa/?authRedirect=true","chrome://newtab/","hxxps://lastpass.com/?ac=1&lpnorefresh=1"

CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default [2018-07-04]

CHR Extension: (Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]

CHR Extension: (Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]

CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-06]

CHR Extension: (Quick Maps) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgbojmobaekecckmomemopckmeipecij [2016-10-06]

CHR Extension: (Yahoo Partner) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjicifbhnpakmaekfnphojjehhnifkmc [2018-05-12]

CHR Extension: (Cat licking your screen) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bljgfogmfiepjlefknbnfopdoabpldcb [2016-10-06]

CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-06]

CHR Extension: (AVG Secure Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-10-06]

CHR Extension: (Chromebleed) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2016-10-06]

CHR Extension: (Avast SafePrice) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-06-23]

CHR Extension: (Sheets) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]

CHR Extension: (iCloud Bookmarks) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2017-10-13]

CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2018-06-16]

CHR Extension: (Google Docs Offline) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-08]

CHR Extension: (Pinterest Save Button) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-07-03]

CHR Extension: (AmazonSmile 1Button for Chrome) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgenjhkjihnmigcommchefpajjhdmba [2016-10-06]

CHR Extension: (LastPass: Free Password Manager) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-07-03]

CHR Extension: (HP Network Check Launcher) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2017-10-30]

CHR Extension: (Grammarly for Chrome) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-06-23]

CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-10-06]

CHR Extension: (MyPoints Score) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcglgmippekbdbmniknikdgkmnnpdnmh [2018-05-26]

CHR Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn [2016-10-06]

CHR Extension: (Wikibuy) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2018-06-29]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]

CHR Extension: (cats.) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdfklfdfahcjkkkogigggbfhbojcnhgb [2016-10-06]

CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-06]

CHR Extension: (Chrome Media Router) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-08]

CHR HKU\S-1-5-21-3571816096-2060556278-31395193-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2012-07-18]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-05] (Advanced Micro Devices, Inc.) [File not signed]

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-06-28] (AVAST Software)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-06-28] (AVAST Software)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation)

R2 hp3ddgsrv; C:\WINDOWS\system32\HP3DDGService.exe [130072 2017-10-03] (HP)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.)

R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)

R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2015-09-03] (Hewlett-Packard Development Company, L.P.)

R2 osrss; C:\WINDOWS\system32\osrss.dll [130808 2018-06-08] (Microsoft Corporation)

R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [287752 2015-10-02] (Visicom Media Inc.)

R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)

R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-29] (Microsoft Corporation)

R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [53760 2017-12-18] (HP)

S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-06-28] (AVAST Software)

R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229392 2018-06-28] (AVAST Software)

R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201328 2018-06-28] (AVAST Software)

R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-06-28] (AVAST Software)

R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59592 2018-06-28] (AVAST Software)

S3 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-06-28] (AVAST Software)

R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-06-28] (AVAST Software)

S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-06-28] (AVAST Software)

R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-06-28] (AVAST Software)

R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-06-28] (AVAST Software)

R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-06-28] (AVAST Software)

R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-06-28] (AVAST Software)

R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [463080 2018-06-28] (AVAST Software)

R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-06-28] (AVAST Software)

R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-06-28] (AVAST Software)

R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-12-07] (Advanced Micro Devices)

R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [39936 2017-12-18] (HP)

R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-07] (REALiX™)

R1 MpKsl539ff557; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FF8F30B9-29CC-4A9A-A93C-816D6D12B370}\MpKsl539ff557.sys [58120 2018-07-03] (Microsoft Corporation)

R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-09-29] (MediaTek Inc.)

R3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)

R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)

R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [302808 2015-12-07] (Realtek Semiconductor Corp.)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-12-07] (Realtek )

R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)

R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [53848 2017-08-18] (Synaptics Incorporated)

S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [33008 2013-04-05] (Synaptics Incorporated)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46592 2018-06-29] (Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-06-29] (Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-29] (Microsoft Corporation)

R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [34960 2018-02-02] (HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-04 09:32 - 2018-07-04 09:34 - 000024937 _____ C:\Users\Owner\Desktop\FRST.txt

2018-07-04 09:32 - 2018-07-04 09:32 - 000000000 ____D C:\FRST

2018-07-03 16:04 - 2018-07-03 16:05 - 002412544 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe

2018-07-03 15:50 - 2018-07-03 15:50 - 000000000 ___HD C:\OneDriveTemp

2018-07-03 14:37 - 2018-07-03 14:37 - 000125399 _____ C:\Users\Owner\Downloads\hosts.zip

2018-07-02 11:51 - 2018-07-02 11:51 - 008723637 _____ C:\Users\Owner\Downloads\ocm01756784-1896.pdf

2018-06-29 08:43 - 2018-06-29 08:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

2018-06-28 07:41 - 2018-06-28 07:41 - 000000000 ____D C:\Users\Owner\AppData\Local\CrashDumps

2018-06-28 07:37 - 2018-06-28 07:37 - 000000000 ____D C:\Users\Owner\AppData\Local\AVAST Software

2018-06-28 07:20 - 2018-06-28 07:19 - 000378072 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

2018-06-28 07:20 - 2018-06-28 07:19 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys

2018-06-27 17:33 - 2018-06-08 14:09 - 000130808 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll

2018-06-27 17:18 - 2018-06-13 17:39 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2018-06-27 17:18 - 2018-06-13 17:39 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2018-06-27 17:18 - 2018-06-13 17:38 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll

2018-06-27 17:18 - 2018-06-13 17:38 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe

2018-06-27 17:18 - 2018-06-13 17:38 - 000077240 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll

2018-06-27 17:18 - 2018-06-13 17:36 - 008629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2018-06-27 17:18 - 2018-06-13 17:36 - 000137624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys

2018-06-27 17:18 - 2018-06-13 17:35 - 002395544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2018-06-27 17:18 - 2018-06-13 17:31 - 007671696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2018-06-27 17:18 - 2018-06-13 17:31 - 000979864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2018-06-27 17:18 - 2018-06-13 17:31 - 000491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll

2018-06-27 17:18 - 2018-06-13 17:28 - 000555928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2018-06-27 17:18 - 2018-06-13 17:28 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys

2018-06-27 17:18 - 2018-06-13 17:27 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll

2018-06-27 17:18 - 2018-06-13 17:25 - 002773408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2018-06-27 17:18 - 2018-06-13 16:46 - 000422592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll

2018-06-27 17:18 - 2018-06-13 16:44 - 006086960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2018-06-27 17:18 - 2018-06-13 16:44 - 000747928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2018-06-27 17:18 - 2018-06-13 16:41 - 001525288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll

2018-06-27 17:18 - 2018-06-13 16:30 - 025256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2018-06-27 17:18 - 2018-06-13 16:24 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2018-06-27 17:18 - 2018-06-13 16:24 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll

2018-06-27 17:18 - 2018-06-13 16:21 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll

2018-06-27 17:18 - 2018-06-13 16:21 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll

2018-06-27 17:18 - 2018-06-13 16:19 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll

2018-06-27 17:18 - 2018-06-13 16:18 - 018930688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2018-06-27 17:18 - 2018-06-13 16:17 - 019358720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2018-06-27 17:18 - 2018-06-13 16:17 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2018-06-27 17:18 - 2018-06-13 16:16 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll

2018-06-27 17:18 - 2018-06-13 16:16 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll

2018-06-27 17:18 - 2018-06-13 16:14 - 006060032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2018-06-27 17:18 - 2018-06-13 16:14 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2018-06-27 17:18 - 2018-06-13 16:14 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys

2018-06-27 17:18 - 2018-06-13 16:14 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2018-06-27 17:18 - 2018-06-13 16:13 - 007812608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2018-06-27 17:18 - 2018-06-13 16:13 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll

2018-06-27 17:18 - 2018-06-13 16:13 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll

2018-06-27 17:18 - 2018-06-13 16:13 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2018-06-27 17:18 - 2018-06-13 16:12 - 002577920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

2018-06-27 17:18 - 2018-06-13 16:12 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll

2018-06-27 17:18 - 2018-06-13 16:11 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll

2018-06-27 17:18 - 2018-06-13 16:08 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys

2018-06-27 17:18 - 2018-06-13 16:07 - 023678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2018-06-27 17:18 - 2018-06-13 16:07 - 013712896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll

2018-06-27 17:18 - 2018-06-13 16:07 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll

2018-06-27 17:18 - 2018-06-13 16:06 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2018-06-27 17:18 - 2018-06-13 16:05 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2018-06-27 17:18 - 2018-06-13 16:04 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2018-06-27 17:18 - 2018-06-13 16:03 - 003161088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2018-06-27 17:18 - 2018-06-13 16:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2018-06-27 17:18 - 2018-06-13 16:02 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll

2018-06-27 17:18 - 2018-06-13 16:02 - 002786304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2018-06-27 17:18 - 2018-06-13 16:02 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2018-06-27 17:18 - 2018-06-13 16:02 - 002528768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll

2018-06-27 17:18 - 2018-06-13 16:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2018-06-27 17:18 - 2018-06-13 16:01 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2018-06-27 17:18 - 2018-06-13 16:01 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll

2018-06-27 17:18 - 2018-06-13 16:00 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys

2018-06-27 17:18 - 2018-06-13 15:57 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe

2018-06-27 17:17 - 2018-06-13 17:41 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2018-06-27 17:17 - 2018-06-13 17:41 - 001093040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2018-06-27 17:17 - 2018-06-13 17:41 - 000925672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2018-06-27 17:17 - 2018-06-13 17:41 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

2018-06-27 17:17 - 2018-06-13 17:40 - 000423320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2018-06-27 17:17 - 2018-06-13 17:40 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2018-06-27 17:17 - 2018-06-13 17:40 - 000069528 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll

2018-06-27 17:17 - 2018-06-13 17:39 - 000748472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2018-06-27 17:17 - 2018-06-13 17:39 - 000608152 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2018-06-27 17:17 - 2018-06-13 17:39 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2018-06-27 17:17 - 2018-06-13 17:38 - 001133880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll

2018-06-27 17:17 - 2018-06-13 17:38 - 000664984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2018-06-27 17:17 - 2018-06-13 17:38 - 000479920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll

2018-06-27 17:17 - 2018-06-13 17:38 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll

2018-06-27 17:17 - 2018-06-13 17:38 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2018-06-27 17:17 - 2018-06-13 17:35 - 001416864 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2018-06-27 17:17 - 2018-06-13 17:35 - 001210784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2018-06-27 17:17 - 2018-06-13 17:35 - 001002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll

2018-06-27 17:17 - 2018-06-13 17:35 - 000453024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys

2018-06-27 17:17 - 2018-06-13 17:33 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll

2018-06-27 17:17 - 2018-06-13 17:32 - 000130600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys

2018-06-27 17:17 - 2018-06-13 17:31 - 000525728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe

2018-06-27 17:17 - 2018-06-13 17:29 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll

2018-06-27 17:17 - 2018-06-13 17:29 - 000671024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll

2018-06-27 17:17 - 2018-06-13 17:29 - 000225696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys

2018-06-27 17:17 - 2018-06-13 17:28 - 000688576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2018-06-27 17:17 - 2018-06-13 17:26 - 001084736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll

2018-06-27 17:17 - 2018-06-13 17:26 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll

2018-06-27 17:17 - 2018-06-13 17:25 - 000628632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll

2018-06-27 17:17 - 2018-06-13 17:24 - 000057464 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe

2018-06-27 17:17 - 2018-06-13 16:54 - 001383784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll

2018-06-27 17:17 - 2018-06-13 16:54 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll

2018-06-27 17:17 - 2018-06-13 16:50 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll

2018-06-27 17:17 - 2018-06-13 16:44 - 000592800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll

2018-06-27 17:17 - 2018-06-13 16:44 - 000550176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll

2018-06-27 17:17 - 2018-06-13 16:42 - 000544432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2018-06-27 17:17 - 2018-06-13 16:41 - 001033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll

2018-06-27 17:17 - 2018-06-13 16:39 - 000505160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll

2018-06-27 17:17 - 2018-06-13 16:39 - 000251096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll

2018-06-27 17:17 - 2018-06-13 16:24 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll

2018-06-27 17:17 - 2018-06-13 16:21 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSOpusDecoder.dll

2018-06-27 17:17 - 2018-06-13 16:20 - 008962560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL

2018-06-27 17:17 - 2018-06-13 16:19 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll

2018-06-27 17:17 - 2018-06-13 16:17 - 000098304 _____ C:\WINDOWS\system32\runexehelper.exe

2018-06-27 17:17 - 2018-06-13 16:16 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll

2018-06-27 17:17 - 2018-06-13 16:16 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll

2018-06-27 17:17 - 2018-06-13 16:15 - 001508864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll

2018-06-27 17:17 - 2018-06-13 16:13 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll

2018-06-27 17:17 - 2018-06-13 16:13 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll

2018-06-27 17:17 - 2018-06-13 16:12 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll

2018-06-27 17:17 - 2018-06-13 16:12 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll

2018-06-27 17:17 - 2018-06-13 16:12 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSOpusDecoder.dll

2018-06-27 17:17 - 2018-06-13 16:11 - 008962560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL

2018-06-27 17:17 - 2018-06-13 16:11 - 000975360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2018-06-27 17:17 - 2018-06-13 16:11 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll

2018-06-27 17:17 - 2018-06-13 16:10 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll

2018-06-27 17:17 - 2018-06-13 16:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2018-06-27 17:17 - 2018-06-13 16:05 - 001238016 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll

2018-06-27 17:17 - 2018-06-13 16:04 - 003180544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2018-06-27 17:17 - 2018-06-13 16:04 - 002212352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2018-06-27 17:17 - 2018-06-13 16:03 - 001607168 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll

2018-06-27 17:17 - 2018-06-13 16:01 - 001249792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2018-06-27 17:17 - 2018-06-13 16:01 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll

2018-06-27 17:17 - 2018-06-13 16:01 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll

2018-06-27 17:17 - 2018-06-13 15:58 - 001570304 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe

2018-06-27 17:17 - 2018-06-13 15:57 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll

2018-06-27 17:17 - 2018-06-13 15:57 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll

2018-06-27 17:17 - 2018-06-13 13:19 - 004171264 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll

2018-06-27 17:17 - 2018-06-13 13:18 - 004876800 _____ (Gracenote, Inc.) C:\WINDOWS\system32\gnsdk_fp.dll

2018-06-27 16:59 - 2018-06-27 17:21 - 866014505 _____ C:\Users\Owner\Downloads\windows10.0-kb4284822-x64_0fcd8ba2f62befe1ab243819de299e16052571b2.msu

2018-06-27 16:38 - 2018-06-27 16:39 - 013669907 _____ C:\Users\Owner\Downloads\windows10.0-kb4090914-x64_c72e85e0ed037eee289e3793c01b5f0a0f7b63f1.msu

2018-06-27 16:30 - 2018-06-27 16:30 - 000195346 _____ C:\Users\Owner\Downloads\wu170509 (1).diagcab

2018-06-27 16:19 - 2018-06-27 16:19 - 000195346 _____ C:\Users\Owner\Downloads\wu170509.diagcab

2018-06-26 16:04 - 2018-06-26 16:04 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job

2018-06-26 16:03 - 2018-06-26 16:04 - 000273318 _____ C:\WINDOWS\ntbtlog.txt

2018-06-21 16:18 - 2018-06-21 16:18 - 000000126 _____ C:\Users\Owner\Downloads\Guest List.csv

2018-06-20 06:07 - 2018-06-20 06:07 - 000000000 ____D C:\ProgramData\Packages

2018-06-17 16:05 - 2018-06-17 16:05 - 000020584 _____ C:\Users\Owner\Downloads\eSign.pdf

2018-06-15 10:15 - 2018-06-15 10:15 - 000512879 _____ C:\Users\Owner\Downloads\voicemail.wav

2018-06-12 16:47 - 2018-06-08 02:32 - 001638432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2018-06-12 16:47 - 2018-06-08 02:32 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll

2018-06-12 16:47 - 2018-06-08 02:30 - 002514944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2018-06-12 16:47 - 2018-06-08 02:30 - 001953544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2018-06-12 16:47 - 2018-06-08 02:27 - 001173584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll

2018-06-12 16:47 - 2018-06-08 02:27 - 000377760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys

2018-06-12 16:47 - 2018-06-08 02:24 - 003009736 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2018-06-12 16:47 - 2018-06-08 02:24 - 002711248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2018-06-12 16:47 - 2018-06-08 02:24 - 000891808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2018-06-12 16:47 - 2018-06-08 02:23 - 004486400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll

2018-06-12 16:47 - 2018-06-08 02:23 - 002412688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

2018-06-12 16:47 - 2018-06-08 02:22 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll

2018-06-12 16:47 - 2018-06-08 02:22 - 001269640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll

2018-06-12 16:47 - 2018-06-08 02:22 - 000093624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2018-06-12 16:47 - 2018-06-08 02:21 - 000594080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll

2018-06-12 16:47 - 2018-06-08 01:21 - 001931256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2018-06-12 16:47 - 2018-06-08 01:21 - 001614168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2018-06-12 16:47 - 2018-06-08 01:21 - 000777912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll

2018-06-12 16:47 - 2018-06-08 01:19 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2018-06-12 16:47 - 2018-06-08 01:18 - 000097160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll

2018-06-12 16:47 - 2018-06-08 01:10 - 002338272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2018-06-12 16:47 - 2018-06-08 01:09 - 017161216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2018-06-12 16:47 - 2018-06-08 01:09 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2018-06-12 16:47 - 2018-06-08 01:09 - 000791968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2018-06-12 16:47 - 2018-06-08 01:08 - 003979696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll

2018-06-12 16:47 - 2018-06-08 01:08 - 001990672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll

2018-06-12 16:47 - 2018-06-08 01:07 - 002386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2018-06-12 16:47 - 2018-06-08 01:07 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll

2018-06-12 16:47 - 2018-06-08 01:07 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll

2018-06-12 16:47 - 2018-06-08 01:06 - 006015208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2018-06-12 16:47 - 2018-06-08 01:06 - 004668688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2018-06-12 16:47 - 2018-06-08 01:06 - 000551696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll

2018-06-12 16:47 - 2018-06-08 01:05 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys

2018-06-12 16:47 - 2018-06-08 01:02 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll

2018-06-12 16:47 - 2018-06-08 01:02 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll

2018-06-12 16:47 - 2018-06-08 01:02 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2018-06-12 16:47 - 2018-06-08 01:02 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll

2018-06-12 16:47 - 2018-06-08 01:02 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2018-06-12 16:47 - 2018-06-08 01:01 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2018-06-12 16:47 - 2018-06-08 01:01 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2018-06-12 16:47 - 2018-06-08 01:00 - 012833792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2018-06-12 16:47 - 2018-06-08 01:00 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll

2018-06-12 16:47 - 2018-06-08 01:00 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2018-06-12 16:47 - 2018-06-08 00:59 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2018-06-12 16:47 - 2018-06-08 00:58 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2018-06-12 16:47 - 2018-06-08 00:58 - 003332608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2018-06-12 16:47 - 2018-06-08 00:58 - 002083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2018-06-12 16:47 - 2018-06-08 00:57 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2018-06-12 16:47 - 2018-06-08 00:57 - 001812992 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2018-06-12 16:47 - 2018-06-08 00:57 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2018-06-12 16:47 - 2018-06-08 00:57 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

2018-06-12 16:47 - 2018-06-08 00:57 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2018-06-12 16:47 - 2018-06-08 00:46 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll

2018-06-12 16:47 - 2018-06-08 00:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll

2018-06-12 16:47 - 2018-06-08 00:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll

2018-06-12 16:47 - 2018-06-08 00:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2018-06-12 16:47 - 2018-06-08 00:41 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2018-06-12 16:47 - 2018-06-08 00:41 - 011924992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2018-06-12 16:47 - 2018-06-08 00:41 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll

2018-06-12 16:47 - 2018-06-08 00:40 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2018-06-12 16:47 - 2018-06-08 00:40 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll

2018-06-12 16:47 - 2018-06-08 00:39 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2018-06-12 16:47 - 2018-06-08 00:38 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2018-06-12 16:47 - 2018-06-08 00:38 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2018-06-12 16:47 - 2018-06-08 00:38 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2018-06-12 16:47 - 2018-06-08 00:36 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2018-06-12 16:47 - 2018-06-08 00:35 - 002868736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2018-06-12 16:47 - 2018-06-08 00:35 - 002014720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2018-06-12 16:47 - 2018-06-08 00:35 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2018-06-12 16:47 - 2018-06-08 00:35 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2018-06-12 16:47 - 2018-05-11 18:15 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys

2018-06-12 16:47 - 2018-05-11 18:14 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2018-06-12 16:47 - 2018-05-11 18:14 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys

2018-06-12 16:47 - 2018-05-11 18:10 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2018-06-12 16:47 - 2018-05-11 18:10 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2018-06-12 16:47 - 2018-05-11 18:10 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2018-06-12 16:47 - 2018-05-11 18:09 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys

2018-06-12 16:47 - 2018-05-11 18:09 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys

2018-06-12 16:47 - 2018-05-11 18:08 - 000428440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys

2018-06-12 16:47 - 2018-05-11 18:07 - 002711168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2018-06-12 16:47 - 2018-05-11 18:07 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll

2018-06-12 16:47 - 2018-05-11 18:07 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2018-06-12 16:47 - 2018-05-11 18:05 - 000616792 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe

2018-06-12 16:47 - 2018-05-11 16:53 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2018-06-12 16:47 - 2018-05-11 16:53 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll

2018-06-12 16:47 - 2018-05-11 16:53 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2018-06-12 16:47 - 2018-05-11 16:52 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys

2018-06-12 16:47 - 2018-05-11 16:48 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys

2018-06-12 16:47 - 2018-05-11 16:48 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys

2018-06-12 16:47 - 2018-05-11 16:47 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2018-06-12 16:47 - 2018-05-11 16:46 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2018-06-12 16:47 - 2018-05-11 16:46 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll

2018-06-12 16:47 - 2018-05-11 16:45 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2018-06-12 16:47 - 2018-05-11 16:42 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll

2018-06-12 16:47 - 2018-05-11 16:39 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll

2018-06-12 16:47 - 2018-05-11 16:29 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2018-06-12 16:47 - 2018-05-11 16:29 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll

2018-06-12 16:47 - 2018-05-11 16:19 - 001353216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll

2018-06-12 16:46 - 2018-06-08 12:26 - 021754880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll

2018-06-12 16:46 - 2018-06-08 12:26 - 017084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll

2018-06-12 16:46 - 2018-06-08 12:03 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll

2018-06-12 16:46 - 2018-06-08 11:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe

2018-06-12 16:46 - 2018-06-08 11:58 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll

2018-06-12 16:46 - 2018-06-08 06:42 - 002491120 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll

2018-06-12 16:46 - 2018-06-08 06:41 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll

2018-06-12 16:46 - 2018-06-08 02:33 - 000269720 _____ C:\WINDOWS\system32\FaceProcessorCore.dll

2018-06-12 16:46 - 2018-06-08 02:33 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll

2018-06-12 16:46 - 2018-06-08 02:26 - 000712456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2018-06-12 16:46 - 2018-06-08 02:25 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2018-06-12 16:46 - 2018-06-08 02:24 - 001488288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll

2018-06-12 16:46 - 2018-06-08 02:23 - 021357336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2018-06-12 16:46 - 2018-06-08 02:23 - 002472888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll

2018-06-12 16:46 - 2018-06-08 02:23 - 000824904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll

2018-06-12 16:46 - 2018-06-08 02:23 - 000677304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2018-06-12 16:46 - 2018-06-08 02:23 - 000137552 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll

2018-06-12 16:46 - 2018-06-08 02:22 - 006791992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2018-06-12 16:46 - 2018-06-08 02:21 - 007385096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2018-06-12 16:46 - 2018-06-08 02:21 - 004507096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2018-06-12 16:46 - 2018-06-08 02:20 - 001101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys

2018-06-12 16:46 - 2018-06-08 01:10 - 003485400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2018-06-12 16:46 - 2018-06-08 01:10 - 001124768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll

2018-06-12 16:46 - 2018-06-08 01:08 - 020290256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2018-06-12 16:46 - 2018-06-08 01:07 - 000975360 _____ C:\WINDOWS\system32\FaceProcessor.dll

2018-06-12 16:46 - 2018-06-08 01:07 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll

2018-06-12 16:46 - 2018-06-08 01:07 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

2018-06-12 16:46 - 2018-06-08 01:06 - 006481096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2018-06-12 16:46 - 2018-06-08 01:06 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll

2018-06-12 16:46 - 2018-06-08 01:06 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll

2018-06-12 16:46 - 2018-06-08 01:04 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll

2018-06-12 16:46 - 2018-06-08 01:04 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll

2018-06-12 16:46 - 2018-06-08 01:03 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll

2018-06-12 16:46 - 2018-06-08 01:02 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll

2018-06-12 16:46 - 2018-06-08 01:01 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll

2018-06-12 16:46 - 2018-06-08 00:59 - 003124224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll

2018-06-12 16:46 - 2018-06-08 00:59 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe

2018-06-12 16:46 - 2018-06-08 00:58 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll

2018-06-12 16:46 - 2018-06-08 00:57 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll

2018-06-12 16:46 - 2018-06-08 00:56 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll

2018-06-12 16:46 - 2018-06-08 00:55 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll

2018-06-12 16:46 - 2018-06-08 00:45 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll

2018-06-12 16:46 - 2018-06-08 00:41 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll

2018-06-12 16:46 - 2018-06-08 00:40 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll

2018-06-12 16:46 - 2018-06-08 00:39 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll

2018-06-12 16:46 - 2018-06-08 00:39 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll

2018-06-12 16:46 - 2018-06-08 00:35 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll

2018-06-12 16:46 - 2018-06-08 00:35 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll

2018-06-12 16:46 - 2018-05-12 08:57 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll

2018-06-12 16:46 - 2018-05-12 08:56 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll

2018-06-12 16:46 - 2018-05-12 08:55 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll

2018-06-12 16:46 - 2018-05-12 08:55 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll

2018-06-12 16:46 - 2018-05-11 16:54 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2018-06-12 16:46 - 2018-05-11 16:50 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll

2018-06-12 16:46 - 2018-05-11 16:44 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll

2018-06-12 16:46 - 2018-05-11 16:41 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe

2018-06-12 16:46 - 2018-05-11 16:20 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe

2018-06-12 16:45 - 2018-06-08 02:29 - 001849760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys

2018-06-12 16:45 - 2018-06-08 02:29 - 000937376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys

2018-06-12 16:45 - 2018-06-08 02:29 - 000028576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys

2018-06-12 16:45 - 2018-06-08 02:24 - 006282280 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll

2018-06-12 16:45 - 2018-06-08 02:24 - 001029536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll

2018-06-12 16:45 - 2018-06-08 02:24 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2018-06-12 16:45 - 2018-06-08 02:24 - 000247712 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2018-06-12 16:45 - 2018-06-08 02:22 - 001358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll

2018-06-12 16:45 - 2018-06-08 02:22 - 000054376 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll

2018-06-12 16:45 - 2018-06-08 02:21 - 001206104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll

2018-06-12 16:45 - 2018-06-08 02:21 - 000260904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2018-06-12 16:45 - 2018-06-08 01:09 - 002993728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll

2018-06-12 16:45 - 2018-06-08 01:09 - 000832952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2018-06-12 16:45 - 2018-06-08 01:08 - 001075984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll

2018-06-12 16:45 - 2018-06-08 01:08 - 000640024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll

2018-06-12 16:45 - 2018-06-08 01:07 - 000047608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll

2018-06-12 16:45 - 2018-06-08 01:06 - 001131696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll

2018-06-12 16:45 - 2018-06-08 01:06 - 000129208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll

2018-06-12 16:45 - 2018-06-08 01:05 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll

2018-06-12 16:45 - 2018-06-08 01:05 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe

2018-06-12 16:45 - 2018-06-08 01:05 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanelExternalHook.dll

2018-06-12 16:45 - 2018-06-08 01:04 - 001925120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll

2018-06-12 16:45 - 2018-06-08 01:04 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys

2018-06-12 16:45 - 2018-06-08 01:03 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll

2018-06-12 16:45 - 2018-06-08 01:01 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll

2018-06-12 16:45 - 2018-06-08 01:01 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll

2018-06-12 16:45 - 2018-06-08 01:01 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll

2018-06-12 16:45 - 2018-06-08 01:00 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll

2018-06-12 16:45 - 2018-06-08 00:59 - 001297920 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe

2018-06-12 16:45 - 2018-06-08 00:59 - 001116672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll

2018-06-12 16:45 - 2018-06-08 00:59 - 001043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll

2018-06-12 16:45 - 2018-06-08 00:59 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll

2018-06-12 16:45 - 2018-06-08 00:57 - 001135104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2018-06-12 16:45 - 2018-06-08 00:56 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll

2018-06-12 16:45 - 2018-06-08 00:53 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys

2018-06-12 16:45 - 2018-06-08 00:46 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll

2018-06-12 16:45 - 2018-06-08 00:40 - 001277440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll

2018-06-12 16:45 - 2018-06-08 00:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll

2018-06-12 16:45 - 2018-06-08 00:39 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe

2018-06-12 16:45 - 2018-06-08 00:39 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll

2018-06-12 16:45 - 2018-06-08 00:35 - 000935424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2018-06-12 16:45 - 2018-06-08 00:35 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll

2018-06-12 16:45 - 2018-06-08 00:34 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DbgModel.dll

2018-06-12 16:45 - 2018-05-12 08:53 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll

2018-06-12 16:45 - 2018-05-12 08:52 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll

2018-06-12 16:45 - 2018-05-12 08:52 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialStore.dll

2018-06-12 16:45 - 2018-05-11 18:15 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys

2018-06-12 16:45 - 2018-05-11 18:08 - 000757792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll

2018-06-12 16:45 - 2018-05-11 16:54 - 003198464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll

2018-06-12 16:45 - 2018-05-11 16:52 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PayloadRestrictions.dll

2018-06-12 16:45 - 2018-05-11 16:52 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll

2018-06-12 16:45 - 2018-05-11 16:51 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll

2018-06-12 16:45 - 2018-05-11 16:50 - 002186240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll

2018-06-12 16:45 - 2018-05-11 16:50 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll

2018-06-12 16:45 - 2018-05-11 16:50 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll

2018-06-12 16:45 - 2018-05-11 16:50 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\secur32.dll

2018-06-12 16:45 - 2018-05-11 16:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll

2018-06-12 16:45 - 2018-05-11 16:49 - 001685504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe

2018-06-12 16:45 - 2018-05-11 16:48 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll

2018-06-12 16:45 - 2018-05-11 16:48 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll

2018-06-12 16:45 - 2018-05-11 16:47 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll

2018-06-12 16:45 - 2018-05-11 16:47 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll

2018-06-12 16:45 - 2018-05-11 16:47 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll

2018-06-12 16:45 - 2018-05-11 16:47 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll

2018-06-12 16:45 - 2018-05-11 16:40 - 001363968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll

2018-06-12 16:45 - 2018-05-11 16:38 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe

2018-06-12 16:45 - 2018-05-11 16:33 - 002762752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll

2018-06-12 16:45 - 2018-05-11 16:31 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PayloadRestrictions.dll

2018-06-12 16:45 - 2018-05-11 16:31 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll

2018-06-12 16:45 - 2018-05-11 16:31 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaproxystub.dll

2018-06-12 16:45 - 2018-05-11 16:30 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll

2018-06-12 16:45 - 2018-05-11 16:29 - 001428480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaclient.dll

2018-06-12 16:45 - 2018-05-11 16:29 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe

2018-06-12 16:45 - 2018-05-11 16:29 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secur32.dll

2018-06-12 16:45 - 2018-05-11 16:28 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll

2018-06-12 16:45 - 2018-05-11 16:28 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll

2018-06-12 16:45 - 2018-05-11 16:27 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll

2018-06-12 16:45 - 2018-05-11 16:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2018-06-12 16:45 - 2018-05-11 16:26 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll

2018-06-12 16:45 - 2018-05-11 16:20 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll

2018-06-12 10:06 - 2018-06-12 10:10 - 379800106 _____ C:\Users\Owner\Downloads\2018-catalogue-digital.pdf

2018-06-11 13:56 - 2018-06-15 16:51 - 000012186 _____ C:\Users\Owner\Documents\BowWow Menders KAM Snap Inventory.xlsx

2018-06-07 11:14 - 2018-06-07 11:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

2018-06-06 13:14 - 2018-06-06 13:14 - 000000000 ____D C:\Program Files (x86)\Secunia

2018-06-06 12:48 - 2018-06-06 13:09 - 000000000 ____D C:\ProgramData\HitmanPro

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-04 09:32 - 2018-01-20 13:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2018-07-04 06:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization

2018-07-04 06:08 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps

2018-07-04 06:08 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness

2018-07-03 15:50 - 2015-09-03 16:45 - 000000000 __RDL C:\Users\Owner\OneDrive

2018-07-03 15:48 - 2015-10-04 12:45 - 000000000 ___RD C:\Users\Owner\iCloudDrive

2018-07-03 15:43 - 2018-01-20 13:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2018-07-03 15:43 - 2016-07-04 14:00 - 000000338 _____ C:\WINDOWS\Tasks\HPCeeScheduleForOwner.job

2018-07-03 15:41 - 2017-09-29 03:45 - 001310720 _____ C:\WINDOWS\system32\config\BBI

2018-07-03 15:41 - 2015-12-01 15:12 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin

2018-07-03 15:41 - 2015-08-01 18:31 - 000000000 ____D C:\ProgramData\panda_url_filtering

2018-07-03 15:40 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\NDF

2018-07-03 15:38 - 2017-06-12 10:32 - 000000000 ____D C:\Users\Owner\Desktop\Temp

2018-07-03 15:23 - 2018-01-20 13:46 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update

2018-07-02 23:38 - 2018-01-20 13:46 - 000003230 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForOwner

2018-06-30 19:33 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\rescache

2018-06-29 17:04 - 2016-01-01 18:10 - 000000000 ____D C:\Users\Owner\Documents\CheckBook

2018-06-29 08:43 - 2017-09-29 08:46 - 000000000 ___RD C:\Program Files\Windows Defender

2018-06-29 08:43 - 2016-01-21 08:23 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2018-06-28 07:20 - 2017-09-29 08:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

2018-06-28 07:19 - 2018-01-20 12:13 - 000463080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys

2018-06-28 07:19 - 2018-01-20 12:13 - 000381584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys

2018-06-28 07:19 - 2018-01-20 12:13 - 000211160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

2018-06-28 07:19 - 2018-01-20 12:13 - 000197160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys

2018-06-28 07:19 - 2018-01-20 12:13 - 000159640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

2018-06-28 07:19 - 2018-01-20 12:13 - 000111872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys

2018-06-28 07:19 - 2018-01-20 12:13 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys

2018-06-28 07:19 - 2018-01-20 12:13 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys

2018-06-28 07:18 - 2018-01-20 12:13 - 001027728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys

2018-06-28 07:18 - 2018-01-20 12:13 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys

2018-06-28 07:18 - 2018-01-20 12:13 - 000229392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys

2018-06-28 07:18 - 2018-01-20 12:13 - 000201328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys

2018-06-28 07:18 - 2018-01-20 12:13 - 000059592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys

2018-06-28 07:18 - 2017-12-22 10:26 - 000239680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys

2018-06-28 02:46 - 2013-11-01 12:25 - 000000000 ____D C:\ProgramData\TEMP

2018-06-27 18:20 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF

2018-06-27 18:19 - 2018-01-20 13:08 - 000279640 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2018-06-27 18:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\ShellExperiences

2018-06-27 17:33 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp

2018-06-27 16:23 - 2014-12-13 21:52 - 000000000 ____D C:\Users\Owner\AppData\Local\ElevatedDiagnostics

2018-06-27 08:37 - 2016-01-03 09:56 - 000000000 ___RD C:\Users\Owner\Documents\Scanned Documents

2018-06-26 16:14 - 2018-01-20 13:13 - 001721574 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2018-06-26 16:05 - 2015-09-09 16:24 - 000000000 ____D C:\Users\Owner\AppData\Roaming\rUpdater Software

2018-06-25 15:09 - 2016-10-06 08:05 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2018-06-23 15:52 - 2017-09-29 08:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2018-06-23 15:47 - 2015-08-01 19:08 - 000000000 ____D C:\Program Files\Microsoft Office 15

2018-06-22 16:31 - 2017-12-30 14:16 - 000000000 ____D C:\Users\Owner\Documents\ICE

2018-06-21 10:58 - 2018-01-20 13:46 - 000003348 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3571816096-2060556278-31395193-1002

2018-06-21 10:58 - 2015-12-01 16:02 - 000002370 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2018-06-18 15:23 - 2016-01-03 09:55 - 000000000 ____D C:\Users\Owner\Documents\Life

2018-06-12 18:24 - 2018-01-20 13:52 - 000000000 ___RD C:\Users\Owner\3D Objects

2018-06-12 18:24 - 2014-01-14 18:28 - 000000000 __RHD C:\Users\Public\AccountPictures

2018-06-12 18:13 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12

2018-06-12 18:13 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\system32\F12

2018-06-12 18:13 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\TextInput

2018-06-12 18:13 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism

2018-06-12 18:13 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2018-06-12 18:13 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Dism

2018-06-12 17:19 - 2014-12-15 23:42 - 000000000 ____D C:\WINDOWS\system32\MRT

2018-06-12 17:11 - 2017-10-10 21:19 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe

2018-06-12 17:11 - 2014-12-15 23:42 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2018-06-06 14:20 - 2018-04-12 05:19 - 000000000 ___HD C:\$WINDOWS.~BT

2018-06-06 14:08 - 2018-01-20 09:58 - 000000000 ___DC C:\WINDOWS\Panther

2018-06-06 13:54 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Registration

2018-06-06 13:53 - 2018-01-20 13:43 - 000049533 _____ C:\WINDOWS\diagwrn.xml

2018-06-06 13:53 - 2018-01-20 13:43 - 000049533 _____ C:\WINDOWS\diagerr.xml

2018-06-06 13:39 - 2016-09-23 15:30 - 000000000 ____D C:\ProgramData\Malwarebytes

2018-06-06 10:21 - 2016-01-03 09:54 - 000000000 ____D C:\Users\Owner\Documents\Crossroads Animal Shelter

2018-06-06 10:03 - 2018-03-26 14:30 - 000000000 ____D C:\Users\Owner\Documents\Bravo

2018-06-05 18:24 - 2018-05-12 12:24 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2018-06-05 18:24 - 2018-05-12 12:24 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-10-31 10:28 - 2016-06-03 16:49 - 000007601 _____ () C:\Users\Owner\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-30 17:37

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018

Ran by Owner (04-07-2018 09:35:32)

Running from C:\Users\Owner\Desktop

Windows 10 Home Version 1709 16299.522 (X64) (2018-01-20 18:49:24)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3571816096-2060556278-31395193-500 - Administrator - Disabled) => C:\Users\Administrator

DefaultAccount (S-1-5-21-3571816096-2060556278-31395193-503 - Limited - Disabled)

Guest (S-1-5-21-3571816096-2060556278-31395193-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3571816096-2060556278-31395193-1004 - Limited - Enabled)

mari__000 (S-1-5-21-3571816096-2060556278-31395193-1006 - Administrator - Enabled)

Owner (S-1-5-21-3571816096-2060556278-31395193-1002 - Administrator - Enabled) => C:\Users\Owner

rwilb_000 (S-1-5-21-3571816096-2060556278-31395193-1005 - Administrator - Enabled)

WDAGUtilityAccount (S-1-5-21-3571816096-2060556278-31395193-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)

Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)

Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.2.202 - Adobe Systems, Inc.)

AMD Catalyst Install Manager (HKLM\...\{3EAD91D5-2004-1B7F-26FF-C0B4AE3C62F7}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)

Apple Application Support (32-bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)

Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Carbonite (HKLM-x32\...\{34A6D6FF-7EEC-499E-A54F-71077783AED6}) (Version: 6.3.2 build 7466 (Sep-07-2017) - Carbonite)

Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)

Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)

CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)

CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.6.5011 - CyberLink Corp.)

D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden

Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.00.100 - Nuance Communications Inc.)

Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)

ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)

Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden

Hewlett-Packard ACLM.NET v1.2.1.1 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden

HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)

HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)

HP Documentation (HKLM-x32\...\{A64DC543-B6C3-4745-AAD6-AC9F1B765BCF}) (Version: 1.2.0.0 - Hewlett-Packard)

HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)

HP MyRoom (HKLM-x32\...\{2C839F0F-5494-454D-9980-A14C5C5EB3EF}) (Version: 10.4.0168 - Hewlett-Packard)

HP PC Hardware Diagnostics Windows (HKLM-x32\...\{BD2CDEAF-8D83-4553-A3B3-8B614CC6C96E}) (Version: 1.1.0.0 - HP Inc)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)

HP Photosmart 7520 series Basic Device Software (HKLM\...\{27ABA988-D480-4F44-B0FD-45E5656D2CFE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Photosmart 7520 series Help (HKLM-x32\...\{08295D09-E002-48F8-905D-34E4B08509BA}) (Version: 28.0.0 - Hewlett Packard)

HP Photosmart 7520 series Product Improvement Study (HKLM\...\{16B872EE-C458-41BD-BEAE-52758A3F3168}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)

HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.6.18.11 - Hewlett-Packard Company)

HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.9.18.3 - Hewlett-Packard Company)

HP System Event Utility (HKLM-x32\...\{6B1ECC61-B581-400D-BFAF-101B1AAEA5AB}) (Version: 1.4.7 - Hewlett-Packard Company)

HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)

HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)

HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden

iCloud (HKLM\...\{C8127F91-0244-4FF0-8014-0C432E15E09D}) (Version: 7.5.0.34 - Apple Inc.)

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)

iTunes (HKLM\...\{BE065D5C-5EB5-4F39-A112-32897C297935}) (Version: 12.7.5.9 - Apple Inc.)

Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)

Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.5041.1001 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)

Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden

PSTViewer Pro 7 (HKLM\...\{B515BC8D-408D-4CF5-AC6C-9B1E0E0F0DDF}) (Version: 7.5.460.0 - Encryptomatic, LLC)

QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)

Ralink Bluetooth Stack64 (HKLM\...\{307AA214-8490-9119-DA81-C8E875AD1C94}) (Version: 11.0.737.5 - Mediatek)

Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)

swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)

UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden

Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)

ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)

ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)

ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)

ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)

ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-28] (AVAST Software)

ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)

ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)

ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)

ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)

ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)

ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)

ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-28] (AVAST Software)

ContextMenuHandlers1: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)

ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)

ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-05-23] (Apple Inc.)

ContextMenuHandlers2: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)

ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-28] (AVAST Software)

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)

ContextMenuHandlers4: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)

ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)

ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)

ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-28] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {044350E6-C3C5-4CED-8E81-E108D50431F3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)

Task: {0E187970-92E9-4845-A603-7BA6F471A31F} - System32\Tasks\HP AR Program Upload - cd662528bad74f0292fc12464c7f590c95db0a604934478da499cbe1489bfc24 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {10AE2ED3-1B20-4805-A65D-7D421CA08CC6} - System32\Tasks\HP AR Program Upload - 13b048195d264b5fb015dcb5688a0bf990b19bbb1e4241188313634cf36ebf65 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {177467AE-55D0-41B9-B9F7-47AF0E868074} - System32\Tasks\HP AR Program Upload - 20ed4d4523514baaba4a379532fad29c25009e0232454e64a64bfc0931fdb127 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {1B9E9F96-542C-47C4-BDFF-9F31231CB1DF} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe

Task: {3495BB16-2E14-4DAC-AB62-655B3B0BA71B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2018-05-23] (Apple Inc.)

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe

Task: {36213528-338C-4470-B040-6C6A0FDC8D55} - System32\Tasks\HP AR Program Upload - e041d3ba528447cd8a3844a84947d474a1fe7e4ca863435ca58430f52790766e => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {3FD15CAF-00DA-4DF4-B461-2521632DE384} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-29] (Microsoft Corporation)

Task: {400F66B8-07BE-4DB3-BC52-BA839403206F} - System32\Tasks\AdobeAAMUpdater-1.0-PC-Owner => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27] (Adobe Systems Incorporated)

Task: {48F3CA6F-826F-4888-B2C1-33EAD7E7DF3E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-01] (Google Inc.)

Task: {550D2824-4CA8-40C3-85AA-B97123F2621D} - System32\Tasks\HPCustParticipation HP Photosmart 7520 series => C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)

Task: {5B8AB74A-2B49-4B48-BC4F-7D19FBE93555} - System32\Tasks\HP AR Program Upload - 54e913671e304774bb065d953d8785201a8e6e5732094e1d93d2575b01c6f336 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {5C43B687-2B29-424F-931C-843259C0FE8A} - System32\Tasks\HP AR Program Upload - 6cbae8e051084ba4901ec4d9d7ec410b7452d3c81fe24303b4468b1b176103fe => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {61BCC6F0-1C1F-4916-8202-6D49B8DB1B8C} - System32\Tasks\HP AR Program Upload - d520a4fe92ff45c5b7400be608664b4dbc44d3556d914fc28e24b6c8d18faea5 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {62162C57-E877-4FA6-8399-EF0C47C763DE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)

Task: {66D5B3F6-BE8F-4974-AE40-6C4BF5CEEC6C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-06-12] (Microsoft Corporation)

Task: {66F1E160-B411-48FD-ADED-FFD1EFEBE882} - System32\Tasks\HP AR Program Upload - 59efb5f037674031b411c4abdc22dbabfc064db05304497a8144a2de34945686 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {68409B33-DABC-4696-B6CB-62576828BAE9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-05-11] (HP Inc.)

Task: {6B57DBC6-BCAC-4E1A-A658-9A6E99E7CFD2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)

Task: {736121B3-183E-452A-BC9C-8681AB220B09} - System32\Tasks\HP AR Program Upload - d3b4ac90ff1641e3a105836f88570e3038466b74f0ea490fbae29202b9f29ff6 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {736E2B85-8DF0-416D-9896-CE91DBFD6417} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-29] (Microsoft Corporation)

Task: {7A88A5CF-A084-4356-9477-79ECF5C5D823} - System32\Tasks\HP AR Program Upload - ae42614dad434ccfb23d43e802ad066f34eb2bd3afec47b5a2ecf6513f105e7f => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {7C60C842-76D5-4F00-BE70-FE46EE2C587D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-29] (Microsoft Corporation)

Task: {7E634445-1972-4713-8AD9-62C341B39542} - System32\Tasks\HP AR Program Upload - a69930d82c9c49c592a14a8213aec954705e24a9f8064e95a918baeb82840aff => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {81113475-3698-49CD-B799-5ED7F9FD85D7} - System32\Tasks\HP AR Program Upload - bda91eab68504b46a4567215c6dfc6d041f3c17eba4d49d39020975a73a92bf2 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {827104DF-5CD3-41FE-BF14-DE784E404802} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)

Task: {82967426-2E44-4132-A32D-1E808A3639D9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-06] (AVAST Software)

Task: {830A47C3-1F9D-4985-885E-AAFE52B6EF46} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-29] (Microsoft Corporation)

Task: {839DD036-FCB9-42E0-AC65-F6F9F81033F0} - System32\Tasks\HP AR Program Upload - 23b4b9df709e4eb7a03669f2d3e6d9c3968db8bb0a364ce8ac8c72758fea4a6e => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {87590BD9-1A74-4549-826D-7BAE682EA7C4} - System32\Tasks\HP AR Program Upload - 3302f8c4da98408f9de824303d72f7e8ecaa8997014c430ab5febfcd754d1ec8 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {891034CC-A26D-453A-93E2-C1C12576F7CB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-09] (Adobe Systems Incorporated)

Task: {8BDA85CB-8CA8-4674-A3D0-E5E8175D47B2} - System32\Tasks\HP AR Program Upload - b60302ff0fd149c3b28a5599a1d0d2ac522aab96f53946c1b0283e24fbc072bd => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {90F02EDA-B3E2-4F92-BCEF-6A0BEF528E56} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2017-08-18] (Synaptics Incorporated)

Task: {934D048D-6A77-439E-BAB6-CF200D9E9EE9} - System32\Tasks\HP AR Program Upload - d237079b094e40d5b92c2a7a186b1ae878c9d48866ac41e785a85267ca21038b => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {93EF3557-8EEB-4F1F-9657-C4E583490EDB} - System32\Tasks\HP AR Program Upload - cc5fe602b0454df298e9f2213c70f5915cedda117e3e4b0ea206214d67c464a8 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {94C66E5B-F752-4DDF-B70F-A8B44ACF4981} - System32\Tasks\HP AR Program Upload - 7a620f6a9e794ac4935f1bd437f9a7568627dc9a7981485cb22ce992afa6a70b => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {958BB90D-CE00-47B2-807C-4E980390CCA6} - System32\Tasks\HP AR Program Upload - c4522da8b5b643d8ae5242a4d41af0140023c55c804c4c5c956057afdacf9d56 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {96C81D51-D447-4500-8994-980C0C3A727F} - System32\Tasks\HP AR Program Upload - 04c32abb928e41d58951629e32c48e15a9b744708e4048439af7a9b6f3b1a21f => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {9A52E4A7-2C5B-45BC-9E9A-8463D7316092} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK

Task: {9B9F9486-F7D5-45A4-9DDE-6082C0B7C159} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-06-28] (AVAST Software)

Task: {9E24DEB6-D146-43D5-A951-971D3C33503C} - System32\Tasks\HP AR Program Upload - 3575c51157384e2d8ce2c98e4f3828e4836b0231d51c493ba822ab8c186ffbca => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {A6CD674D-E253-4A8B-B67E-F8BD6074E621} - System32\Tasks\HP AR Program Upload - 95a0f5c3e17a43178792f2d4fd896425c9b7170f30bd4833ad85df257c454e0d => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {A708FEFA-B10A-48BC-A597-BC8AD1A6226D} - System32\Tasks\HP AR Program Upload - 88cc1119b3b5443ba7c463ff649a914dfa3022a442f149619cfeca508af1b7db => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {AA9646CB-519F-4CF0-BB80-C881C88B72B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)

Task: {AEDA639D-00B6-4EFF-9BDE-C796EC7A44D5} - System32\Tasks\HP AR Program Upload - 60b9449260e84595a093000ee04f48dc42803145a44e44549b09086fdf283130 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {BD82E335-26E4-421E-BDBB-CC21E1414541} - System32\Tasks\HP AR Program Upload - d630fbb24d2e4b58828058b993cfddb084940f9ba3dc42edb773fd41bc9add95 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {BE06E552-7606-40C2-A537-E51E43287E11} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)

Task: {BFCCCE98-5B63-49C8-8BCA-31CE483EDADA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)

Task: {C8B4D475-2A8D-4B01-8E2F-8794CC4434F1} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-22] ()

Task: {CAF5EB68-236D-4AEA-9DE0-FFFDA880E3F3} - System32\Tasks\HP AR Program Upload - 47af6eb2eb55495ea77bf8d7240bdb802bb1319547d240f684d2261ca10577c3 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {CF6A0242-24C3-4D56-9504-35C88A271C4F} - System32\Tasks\HP AR Program Upload - 27e16fb787014adb989b3b6d3ae895d9ca3fb2e99092439a83ced62f18f59f1d => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {D68DC9B7-9724-48D6-AFFA-F326B3CB4C50} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-01] (Google Inc.)

Task: {D8015EC6-FC86-434B-A369-7D10D676B2F4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-09] (Adobe Systems Incorporated)

Task: {D9AA527F-7F7F-4E2C-92DC-D6F0D031C8BC} - System32\Tasks\HP AR Program Upload - 157c157312034a29b55b03fdf0e7a42f5849161fad3940c18ac3edc072ba8db7 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {E324B319-B289-405C-87F3-7A4F92659AA8} - System32\Tasks\HP AR Program Upload - 82cbb129e1d4435cb8f43ac75d80fc026037922f70a14a3eaae9b1fc51a5df84 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {E6AB8001-0B5B-49CC-93E6-D26EE67964D4} - \Optimize Start Menu Cache Files-S-1-5-21-3571816096-2060556278-31395193-1002 -> No File <==== ATTENTION

Task: {E8F05230-863A-4482-9B69-B54C526DE88E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)

Task: {F5C399E9-3167-46BE-8C19-8AB68F84E08F} - System32\Tasks\HPCeeScheduleForOwner => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)

Task: {F86DD61A-78CA-4A0D-A3BB-98C4A359859E} - System32\Tasks\HP AR Program Upload - 9dff23a5152d4eff91c964a9ac6f6adbb4ff3d7ea8ad4acb9c824bd72ea89781 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {F8AAB4A0-F4C8-487C-A15D-751AC942F116} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)

Task: {FB0405CE-1534-4DEA-B5F6-8822D36939F2} - System32\Tasks\HP AR Program Upload - 05043a01f62c4db8ac8ef14dd94e6d096f6a2ff3485e42539b3d7369458b29b4 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {FE44855B-8408-4395-B8D7-8DB8875960A4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

Task: {FE8A1AD1-2C74-44EF-BDCF-86BAB3EAF9B2} - System32\Tasks\HP AR Program Upload - 5dbd5b0315a34311b8639bddbaba717c86cf94835bb34f0e9f10d544291b21d3 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

Task: C:\WINDOWS\Tasks\HPCeeScheduleForOwner.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 08:41 - 2017-09-29 08:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll

2014-07-05 00:33 - 2014-07-05 00:33 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll

2015-08-04 08:24 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll

2017-11-30 19:54 - 2017-11-30 19:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2018-05-15 18:58 - 2018-05-15 18:58 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2017-03-23 19:17 - 2017-01-31 07:34 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll

2018-06-27 17:18 - 2018-06-13 16:05 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2018-06-27 17:18 - 2018-06-13 16:02 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2018-06-25 15:09 - 2018-06-22 14:15 - 002663768 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\swiftshader\libglesv2.dll

2018-06-25 15:09 - 2018-06-22 14:15 - 000128856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\swiftshader\libegl.dll

2018-05-15 18:59 - 2018-05-15 18:59 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2017-11-30 19:55 - 2017-11-30 19:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2018-05-15 18:59 - 2018-05-15 18:59 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

2018-03-10 18:13 - 2018-03-10 18:13 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2018-06-28 07:19 - 2018-06-28 07:19 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll

2018-06-28 07:18 - 2018-06-28 07:18 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

2018-07-03 15:45 - 2018-07-03 15:45 - 000098816 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32api.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000110080 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\pywintypes27.dll

2018-07-03 15:45 - 2018-07-03 15:45 - 000364544 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\pythoncom27.dll

2018-07-03 15:45 - 2018-07-03 15:45 - 000320512 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32com.shell.shell.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000914432 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\_hashlib.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 001176576 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\wx._core_.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000806400 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\wx._gdi_.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000816128 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\wx._windows_.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 001067008 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\wx._controls_.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000733184 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\wx._misc_.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000682496 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\pysqlite2._sqlite.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000088064 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\_ctypes.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000686080 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\unicodedata.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000119808 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32file.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000108544 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32security.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000007168 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\hashobjs_ext.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000017920 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\thumbnails_ext.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000088064 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\usb_ext.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000012800 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\common.time34.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000018432 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32event.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000167936 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32gui.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000046080 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\_socket.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 001303552 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\_ssl.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000128512 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\_elementtree.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000127488 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\pyexpat.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000038912 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32inet.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000036864 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\_psutil_windows.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000525208 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\windows._lib_cacheinvalidation.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000011264 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32crypt.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000123392 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\wx._wizard.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000077312 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\wx._html2.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000027648 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\_multiprocessing.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000020480 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\_yappi.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000035840 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32process.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000078848 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\wx._animate.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000024064 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32pipe.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000010240 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\select.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000025600 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32pdh.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000017408 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32profile.pyd

2018-07-03 15:45 - 2018-07-03 15:45 - 000022528 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32ts.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8 [132]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2018-07-03 14:38 - 000475748 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

0.0.0.0 fr.a2dfp.net

0.0.0.0 m.fr.a2dfp.net

0.0.0.0 mfr.a2dfp.net

0.0.0.0 ad.a8.net

0.0.0.0 asy.a8ww.net

0.0.0.0 static.a-ads.com

0.0.0.0 abcstats.com

0.0.0.0 a.abv.bg

0.0.0.0 adserver.abv.bg

0.0.0.0 adv.abv.bg

0.0.0.0 bimg.abv.bg

0.0.0.0 ca.abv.bg

0.0.0.0 track.acclaimnetwork.com

0.0.0.0 accuserveadsystem.com

0.0.0.0 www.accuserveadsystem.com

0.0.0.0 achmedia.com

0.0.0.0 csh.actiondesk.com

0.0.0.0 ads.activepower.net

0.0.0.0 ad.activesolutions.cz

0.0.0.0 app.activetrail.com

0.0.0.0 traffic.acwebconnecting.com

0.0.0.0 office.ad1.ru

0.0.0.0 cms.ad2click.nl

0.0.0.0 ad2games.com

0.0.0.0 content.ad20.net

0.0.0.0 core.ad20.net

0.0.0.0 banner.ad.nu

0.0.0.0 adadvisor.net

0.0.0.0 wad.adbasket.net

There are 12587 more lines.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\Pictures\2018\2018_01\20180107 Ethan.jpg

DNS Servers: 192.168.1.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\StartupApproved\Run: => "rUpdater agent"

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\StartupApproved\Run: => "HP Photosmart 7520 series (NET)"

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{7F34302A-BCF1-4EA2-8C6F-6DA96B634481}C:\users\owner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\owner\appdata\roaming\spotify\spotify.exe

FirewallRules: [TCP Query User{382F7EB3-5714-4345-8B1B-F5A202BA5724}C:\users\owner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\owner\appdata\roaming\spotify\spotify.exe

FirewallRules: [{A8173068-98E1-4B84-B5A2-BF0124A68372}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

FirewallRules: [{9DD3C300-69E9-410D-9768-8268DF317099}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe

FirewallRules: [{73AE8A15-EBDB-4066-975D-D371BE7941B7}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe

FirewallRules: [{429639AD-9DE5-472D-AD04-12B0CC70E418}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\DeviceSetup.exe

FirewallRules: [{E0E0A570-D893-4779-BFAF-EB53DBAADFF3}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\SendAFax.exe

FirewallRules: [{B2C5544D-344E-4CAE-B2AD-C3805792486D}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\DigitalWizards.exe

FirewallRules: [{990D2631-3B2B-444C-8DBB-F1D9570E62D3}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\FaxApplications.exe

FirewallRules: [{88857203-A1FA-4BCA-8BE0-72BCA49B776D}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4942\HPDiagnosticCoreUI.exe

FirewallRules: [{55DA8EEB-690B-495A-95A3-B26CA824A927}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4942\HPDiagnosticCoreUI.exe

FirewallRules: [{0FE2E7E4-F32E-4911-8F01-36A810ACFB00}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS46D5\HPDiagnosticCoreUI.exe

FirewallRules: [{FB992C17-D058-4DD3-A5AD-3339C78A723C}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS46D5\HPDiagnosticCoreUI.exe

FirewallRules: [{D1CC354E-D6A5-4079-9DA4-3B563E7D9575}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS2A62\HPDiagnosticCoreUI.exe

FirewallRules: [{F2BB004C-5B84-479B-8369-CCAF95A19623}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS2A62\HPDiagnosticCoreUI.exe

FirewallRules: [{300DA682-686B-463F-8588-B8A412BB71A1}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS47A6\HPDiagnosticCoreUI.exe

FirewallRules: [{957EB282-E084-47CC-B39B-80D364889A03}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS47A6\HPDiagnosticCoreUI.exe

FirewallRules: [{31DF2E4F-9E8E-47E5-9D91-A52BA735A296}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS05FF\HPDiagnosticCoreUI.exe

FirewallRules: [{18E10B91-7357-48E0-9BEE-0ABBF4D0DDF1}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS05FF\HPDiagnosticCoreUI.exe

FirewallRules: [{800C00E8-0043-4285-912D-0520878E7EC6}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4F10\HPDiagnosticCoreUI.exe

FirewallRules: [{EE26E174-F3C5-49ED-AF96-4375BFCDBECD}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4F10\HPDiagnosticCoreUI.exe

FirewallRules: [{C19CD7DF-1589-44A7-81AA-93A1AB02F7AC}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4E94\HPDiagnosticCoreUI.exe

FirewallRules: [{DA255DC9-2407-4C72-A10A-6EE58EF0F48E}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4E94\HPDiagnosticCoreUI.exe

FirewallRules: [UDP Query User{17E70F61-2A90-4038-99C1-E3E301908547}C:\users\owner\appdata\local\temp\7zs46a4\enterprisedu.exe] => (Allow) C:\users\owner\appdata\local\temp\7zs46a4\enterprisedu.exe

FirewallRules: [TCP Query User{A27AC6B7-9386-4046-A5FC-CA4E784E252C}C:\users\owner\appdata\local\temp\7zs46a4\enterprisedu.exe] => (Allow) C:\users\owner\appdata\local\temp\7zs46a4\enterprisedu.exe

FirewallRules: [{0E3C8F37-B259-467D-9705-8B028BE6EC29}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{532A1504-1CD6-4EB1-9D88-832CBD4B5C61}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{BCB20815-7187-40E4-93FD-33F9652EC2B4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{D9F0CD80-DBDF-4F1D-999F-D27C39E72091}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [UDP Query User{A2AF0334-2FCF-4785-8A0B-C9CF15103A60}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe

FirewallRules: [TCP Query User{71AC7401-346A-45C3-B98B-D550DC856710}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe

FirewallRules: [{5A0F632A-07F3-47FE-9D97-F6AF0B12BFFE}] => (Allow) LPort=1900

FirewallRules: [{DF95C8D4-A149-4209-AC3E-15C8C92565A1}] => (Allow) LPort=2869

FirewallRules: [{E4B674E1-82E2-46E4-A221-9919620027C7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{AAAD9B1F-46F0-443B-A64C-9D661F2551C3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe

FirewallRules: [{98DA7191-3F2A-47F7-8BA3-C7DCABB2E231}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe

FirewallRules: [{4968CAF8-E343-4C59-9CA7-2A3471C5E885}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe

FirewallRules: [{C6475F0E-5D77-4B16-97C6-587DA739B3FD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe

FirewallRules: [{A841F4B1-5F9E-4474-A2D0-95352830D027}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe

FirewallRules: [{E1DF5F8A-6CE9-4C46-8D8F-68EEDB4A2D6F}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe

FirewallRules: [{0965F846-D44F-4F7D-B066-5877018DE037}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe

FirewallRules: [{A78FD93C-B533-401E-823E-2461329B8FE1}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtuser.exe

FirewallRules: [{921CE967-0573-4D10-AAA0-300AFB330F3E}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtuser.exe

FirewallRules: [{C75FE225-25C9-4498-B13D-E528F0E138D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe

FirewallRules: [{9036D1A4-7A6A-4072-8CCC-DEB98F6E11FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe

FirewallRules: [{D5670B83-EC57-4AB4-81A7-6AAFEF693881}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid32.exe

FirewallRules: [{85069B8E-3B43-4C5C-8590-AFC4E70CC0BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid32.exe

FirewallRules: [{97FA3EA0-087C-417B-A5C6-B3921B71BD78}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{07811608-DE1B-41AB-809C-6947EBE250FC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{79DCA3DD-4808-443E-BFB4-44676B141AC5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{51C4E45A-C5B3-4317-93B6-2665A00761F2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{F92DAB55-2100-4496-B092-7E35940BFF7B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe

FirewallRules: [{9134EBE7-9E0F-40DE-BB1B-2CCA814DDD34}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe

FirewallRules: [{00746B45-66F9-4130-9C7B-7A7A54A70541}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe

FirewallRules: [{45AF73DB-CD3D-4F03-8EF9-049243F17417}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe

FirewallRules: [{55E88299-1570-4F2A-BC9A-DE240029A836}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe

FirewallRules: [{634BCF34-41D8-4812-9210-DA02A9C518A1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe

FirewallRules: [{7C3927CE-AB1F-4BCF-8442-1058D560C8C3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe

FirewallRules: [{347CEAF3-405C-475C-86AD-B20989C9B73E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe

FirewallRules: [{D558E438-88B2-4F22-842A-A4D153B87271}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

FirewallRules: [{C9E34CCC-7F9B-4D57-88BA-2C4232D6C9FF}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe

FirewallRules: [{FE25341A-3A39-4AD8-8479-68329B3176D0}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe

FirewallRules: [{E7AD625E-BF54-4F83-ABC3-705FE22BF357}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe

FirewallRules: [{35EA0C09-0C1A-4D45-920C-28EAC803655A}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe

FirewallRules: [{84FB5B07-15B4-4B51-BC03-4B3BE4AFA0D9}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe

FirewallRules: [{2CC95ACD-940D-4E6A-9710-2E0E68460B8B}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe

FirewallRules: [{7779F5EA-1A36-4D36-B05D-EF490367065A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{ACA4B57B-91B6-4C55-B263-5CB0F0513E44}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{7A1165C8-33B0-45CC-B0BD-67A27987A24A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{396330BB-5710-41EF-A8BA-23CE2FADD2A9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{F1599A5B-1DAA-4C18-A357-CD55FBC5E13F}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe

FirewallRules: [{4B9F8D77-C991-4DC1-B527-A69887EC7768}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe

FirewallRules: [{8D0072BD-E00E-45AF-BB20-C494CC61DCAB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE

FirewallRules: [{D5259FD3-0338-4BE1-B6CD-8CC43E6C1E6F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe

FirewallRules: [{BD15BCC9-A39B-4AD8-895C-72C83C45273D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe

FirewallRules: [{A7CA6AA7-4AEF-416D-AB9E-30E35D196984}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe

FirewallRules: [{D638B2EF-CC5C-4538-B716-EAA5B4743DF3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe

FirewallRules: [{351EF3AF-88D8-482E-945B-25FF2832EE88}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe

FirewallRules: [{83923E4A-E76D-417E-B862-9020CFB46E4E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe

FirewallRules: [{9C6496B5-B155-48B3-A5DC-71ED669DDD17}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

FirewallRules: [{87BFF0F6-3908-45E2-B21B-1F8B5D09ACB4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

FirewallRules: [{FAD139DC-3C20-46A0-B0FA-79B788C4D521}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe

FirewallRules: [{B0B82F4E-742A-4039-A581-3BBAAD3A109A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe

FirewallRules: [{97A3064E-8034-4672-A47B-89428E45EB41}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe

FirewallRules: [{74F795BD-037C-42F3-81DB-B9123E5D8BA2}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe

FirewallRules: [{CE704780-EA55-45B5-863D-329DC98C67BA}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe

FirewallRules: [{2DDFEF7C-4252-47A7-A850-7F6DE7AAE8A2}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe

FirewallRules: [{6121C2E9-D55E-4AEA-8056-FCF01E4A60E4}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe

FirewallRules: [{00C14A15-BA90-42E0-90AF-F6501B2B34CE}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe

FirewallRules: [{F67360EC-D1B4-4492-BF95-126FB166C09A}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS18D5\HPDiagnosticCoreUI.exe

FirewallRules: [{6BED2BA7-7EE0-421F-819D-168785BCBB23}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS18D5\HPDiagnosticCoreUI.exe

FirewallRules: [TCP Query User{518D0F4D-1C6D-4C62-B7D6-542DCE8E38AB}C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe

FirewallRules: [UDP Query User{25BB462A-3926-42E9-9008-C5EA57BF69D3}C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe

FirewallRules: [{7E7E7E65-2F44-476A-A2BE-E9626193EA5B}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [{3FF21F05-CDD2-4D81-BD02-1D5694009933}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{3EE36798-7D0C-4A43-B25F-ED27FC599234}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

FirewallRules: [{40DB4255-C9ED-48C3-A7A8-6545E91223CB}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

FirewallRules: [{15C5240F-C70C-4E1A-B2F9-CC8F7E52E2F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe

FirewallRules: [{602656AC-A642-41ED-B5FA-75FF3895D696}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe

FirewallRules: [{B5DDBEA5-9C2A-4448-8C0D-DDA67D3193FA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe

FirewallRules: [{42457AA8-D3F7-4A76-B462-BAE2E0DBC77C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe

FirewallRules: [{D3FA597B-101F-4007-A590-8FEF4EB0D2CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe

FirewallRules: [{1083BED6-5058-430C-9743-33BBE94B539C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe

FirewallRules: [{A7ECA197-A1F1-4BD9-A900-492A5589F2A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe

FirewallRules: [{3EE068E8-FB6F-4C4A-BBAE-83D88ADD8BDF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe

FirewallRules: [{A39E471C-69E2-4450-A4A7-3D2F22335499}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe

FirewallRules: [{DF13A479-CB9C-4BAC-926D-E2D8F9E4540A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe

==================== Restore Points =========================

30-06-2018 19:31:16 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (07/03/2018 03:51:18 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (07/03/2018 03:51:14 PM) (Source: PerfNet) (EventID: 2004) (User: )

Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (07/03/2018 03:51:14 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: The Open Procedure for service "MSDTC" in DLL "C:\WINDOWS\system32\msdtcuiu.DLL" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (07/03/2018 03:51:12 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (07/03/2018 03:51:12 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: The Open Procedure for service "ESENT" in DLL "C:\WINDOWS\system32\esentprf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (07/02/2018 04:10:59 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (07/01/2018 03:35:43 PM) (Source: Perflib) (EventID: 1008) (User: )

Error: (06/30/2018 11:39:17 AM) (Source: Perflib) (EventID: 1008) (User: )

System errors:

=============

Error: (07/04/2018 04:58:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{D63B10C5-BB46-4990-A94F-E40B9D520160}

and APPID

{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/04/2018 03:58:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{D63B10C5-BB46-4990-A94F-E40B9D520160}

and APPID

{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}

Error: (07/03/2018 04:14:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{D63B10C5-BB46-4990-A94F-E40B9D520160}

and APPID

{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}

Error: (07/03/2018 03:58:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{D63B10C5-BB46-4990-A94F-E40B9D520160}

and APPID

{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}

Error: (07/03/2018 03:53:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{D63B10C5-BB46-4990-A94F-E40B9D520160}

and APPID

{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}

Error: (07/03/2018 03:49:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: The Delivery Optimization service hung on starting.

Error: (07/03/2018 03:46:48 PM) (Source: DCOM) (EventID: 10016) (User: PC)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{D63B10C5-BB46-4990-A94F-E40B9D520160}

and APPID

{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}

to the user PC\Owner SID (S-1-5-21-3571816096-2060556278-31395193-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/03/2018 03:43:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}

and APPID

{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}

Windows Defender:

===================================

Date: 2018-06-28 12:20:09.511

Description:

Windows Defender Antivirus has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.247.704.0

Update Source: Microsoft Malware Protection Center

Signature Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.13903.0

Error code: 0x80072ee2

Error description: The operation timed out

Date: 2018-06-28 12:20:09.511

Description:

Windows Defender Antivirus has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.247.704.0

Update Source: Microsoft Malware Protection Center

Signature Type: AntiSpyware

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.13903.0

Error code: 0x80072ee2

Error description: The operation timed out

Date: 2018-06-28 12:20:09.510

Description:

Windows Defender Antivirus has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.247.704.0

Update Source: Microsoft Malware Protection Center

Signature Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.13903.0

Error code: 0x80072ee2

Error description: The operation timed out

Date: 2018-06-28 12:00:06.400

Description:

Windows Defender Antivirus has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.247.704.0

Update Source: Microsoft Malware Protection Center

Signature Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.13903.0

Error code: 0x80072ee2

Error description: The operation timed out

Date: 2018-06-28 12:00:06.399

Description:

Windows Defender Antivirus has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.247.704.0

Update Source: Microsoft Malware Protection Center

Signature Type: AntiSpyware

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.13903.0

Error code: 0x80072ee2

Error description: The operation timed out

CodeIntegrity:

===================================

Date: 2018-07-04 09:34:14.615

Description:

Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-07-04 09:34:14.611

Description:

Date: 2018-07-04 09:20:47.245

Description:

Date: 2018-07-04 09:20:47.240

Description:

Date: 2018-07-04 09:09:26.917

Description:

Date: 2018-07-04 09:09:26.913

Description:

Date: 2018-07-04 09:05:47.177

Description:

Date: 2018-07-04 09:05:47.173

Description:

==================== Memory info ===========================

Processor: AMD A10-5745M APU with Radeon™ HD Graphics

Percentage of memory in use: 55%

Total physical RAM: 5336.26 MB

Available physical RAM: 2372.95 MB

Total Virtual: 6232.26 MB

Available Virtual: 2972.99 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:667.83 GB) (Free:490.45 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive d: (RECOVERY) (Fixed) (Total:28.33 GB) (Free:2.82 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive f: () (Removable) (Total:14.83 GB) (Free:14.74 GB) FAT32

\\?\Volume{d97b525b-7a5d-437e-893c-9c5d4d441855}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.13 GB) NTFS

\\?\Volume{17aec459-3ed0-4961-bb44-098682a07aaa}\ () (Fixed) (Total:0.25 GB) (Free:0.14 GB) FAT32

\\?\Volume{50f53de4-8d16-4edb-b6fc-3dcb950c07ce}\ () (Fixed) (Total:1.7 GB) (Free:1.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 698.6 GB) (Disk ID: 44766419)

Partition: GPT.

========================================================

Disk: 1 (Protective MBR) (Size: 14.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

#2
RKinner

Posted 04 July 2018 - 10:37 AM

Malware Expert

Expert
24,623 posts

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures

Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Note the file name. Open the file on your desktop and copy and paste the text to a reply.

Copy the next 2 lines:

TASKLIST /SVC > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open. Copy and paste the text from notepad into a reply.

Get the free version of Speccy:

http://www.filehippo...ownload_speccy/

(Look in the upper right for the Download
Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it. Tell it you do not need CCLEANER. Run Speccy. When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System.
(It will be near the top, 10-20 lines down.) Save the file. Attach the file to your next post. Attaching the log is the best option as it is too big for the forum. Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it. Point it at the file and hit Open.
Now click on Attach this file.

#3
SumMom

Posted 04 July 2018 - 12:27 PM

Member

Topic Starter
Member
69 posts

Thank you for your quick response Robert!

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer

System Idle Process 76.51 52 K 8 K 0

CarboniteService.exe 7.90 85,512 K 61,544 K 3292 Carbonite Secure Backup Engine Carbonite, Inc. (www.carbonite.com) (Verified) Carbonite

procexp64.exe 7.09 34,320 K 77,124 K 15912 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

Interrupts 1.65 0 K 0 K n/a Hardware Interrupts and DPCs

dwm.exe 1.60 33,760 K 41,572 K 80 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows

MsMpEng.exe 1.50 159,264 K 102,688 K 3904 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation

System 0.90 364 K 20,532 K 4

csrss.exe 0.86 2,824 K 4,912 K 716 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher

TabTip.exe 0.62 4,080 K 15,284 K 7904 Touch Keyboard and Handwriting Panel Microsoft Corporation (Verified) Microsoft Windows

AvastUI.exe 0.30 32,496 K 45,584 K 8336 Avast Antivirus AVAST Software (Verified) AVAST Software s.r.o.

chrome.exe 0.25 63,392 K 97,172 K 13036 Google Chrome Google Inc. (Verified) Google Inc

explorer.exe 0.20 69,236 K 133,452 K 5672 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows

chrome.exe 0.18 232,952 K 223,636 K 8780 Google Chrome Google Inc. (Verified) Google Inc

CarboniteUI.exe 0.15 19,972 K 32,840 K 8592 Carbonite User Interface Carbonite, Inc. (Verified) Carbonite

chrome.exe 0.07 78,884 K 77,836 K 5332 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 0.05 31,752 K 46,376 K 16340 Google Chrome Google Inc. (Verified) Google Inc

googledrivesync.exe 0.05 61,600 K 22,072 K 9708 Google Drive Google (Verified) Google Inc

Panda_URL_Filteringb.exe 0.04 12,556 K 19,344 K 3348 Anti-phishing Domain Advisor (Powered by Panda Security) Visicom Media Inc. (Verified) Visicom Media Inc.

HPNetworkCommunicatorCom.exe 0.02 3,252 K 11,292 K 772 HPNetworkCommunicatorCom Hewlett-Packard Co. (Verified) Hewlett Packard

AvastSvc.exe 0.02 73,452 K 37,280 K 2944 Avast Service AVAST Software (Verified) AVAST Software s.r.o.

chrome.exe 0.01 272,124 K 256,424 K 10788 Google Chrome Google Inc. (Verified) Google Inc

svchost.exe 0.01 5,032 K 15,360 K 9828 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

iCloudPhotos.exe 0.01 29,964 K 44,624 K 5728 iCloud Photo Library Apple Inc. (Verified) Apple Inc.

AppleMobileDeviceService.exe < 0.01 4,436 K 13,380 K 3272 MobileDeviceService Apple Inc. (Verified) Apple Inc.

SynTPEnh.exe < 0.01 6,824 K 19,360 K 6052 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated

TouchpointAnalyticsClientService.exe < 0.01 42,936 K 37,780 K 11612 HP Touchpoint Analytics Client Service HP Inc. (Verified) HP Inc.

officeclicktorun.exe < 0.01 24,476 K 32,016 K 3248 Microsoft Office Click-to-Run Microsoft Corporation (Verified) Microsoft Corporation

ApplePhotoStreams.exe < 0.01 11,436 K 29,284 K 2972 iCloud Photo Stream Apple Inc. (Verified) Apple Inc.

chrome.exe < 0.01 57,948 K 44,920 K 6216 Google Chrome Google Inc. (Verified) Google Inc

svchost.exe < 0.01 23,888 K 39,664 K 4260 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

chrome.exe < 0.01 27,676 K 38,456 K 8020 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe < 0.01 22,800 K 23,052 K 7008 Google Chrome Google Inc. (Verified) Google Inc

PhotoshopElementsFileAgent.exe < 0.01 2,564 K 1,308 K 8364 Adobe Photoshop Elements 13.0 (component) Adobe Systems Incorporated (Verified) Adobe Systems Incorporated

svchost.exe < 0.01 2,844 K 13,344 K 2928 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

TrustedInstaller.exe < 0.01 1,852 K 7,072 K 13752 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows

WUDFHost.exe 2,200 K 7,124 K 1696 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows

WUDFHost.exe 2,296 K 9,396 K 14840 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows

WmiPrvSE.exe 6,364 K 14,080 K 13780 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows

WmiPrvSE.exe 2,792 K 8,996 K 9268 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows

winword.exe 44,044 K 83,304 K 9024 Microsoft Word Microsoft Corporation (Verified) Microsoft Corporation

winlogon.exe 2,592 K 9,680 K 836 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows

wininit.exe 1,332 K 5,104 K 704 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows Publisher

VSSVC.exe 2,964 K 9,384 K 12700 Microsoft® Volume Shadow Copy Service Microsoft Corporation (Verified) Microsoft Windows

unsecapp.exe 1,368 K 6,208 K 8492 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows

taskhostw.exe 5,460 K 12,048 K 5716 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows

TabTip32.exe 1,348 K 4,452 K 7980 Touch Keyboard and Handwriting Panel Helper Microsoft Corporation (Verified) Microsoft Windows

SystemSettings.exe Suspended 21,164 K 45,844 K 9840 Settings Microsoft Corporation (Verified) Microsoft Windows

SynTPHelper.exe 1,036 K 4,148 K 6276 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Synaptics Incorporated

SynTPEnhService.exe 1,200 K 4,228 K 3396 64-bit Synaptics Pointing Enhance Service Synaptics Incorporated (Verified) Synaptics Incorporated

svchost.exe 2,468 K 6,636 K 584 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 69,916 K 73,176 K 1976 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,920 K 8,236 K 2152 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 13,152 K 13,252 K 1252 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,412 K 6,800 K 1520 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 10,916 K 26,384 K 1008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 6,236 K 11,664 K 512 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,812 K 6,864 K 15524 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 12,220 K 15,232 K 1416 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,328 K 10,684 K 2240 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,728 K 5,972 K 2052 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,060 K 11,500 K 2188 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,052 K 7,244 K 3132 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,460 K 8,304 K 3584 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 7,848 K 16,392 K 3320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,100 K 6,332 K 3880 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 5,464 K 14,448 K 2872 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,024 K 12,984 K 2424 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,120 K 16,404 K 1644 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,332 K 15,468 K 5616 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,840 K 5,716 K 2392 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,464 K 8,948 K 1828 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,764 K 19,172 K 3452 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,376 K 8,392 K 9824 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,120 K 6,760 K 2784 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,460 K 10,828 K 1740 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,288 K 7,328 K 1984 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,168 K 12,552 K 5888 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 6,536 K 14,876 K 1184 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,996 K 11,356 K 220 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 6,940 K 25,308 K 5640 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,284 K 8,308 K 1348 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 9,480 K 25,360 K 3208 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 24,324 K 33,016 K 3256 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,312 K 12,740 K 3232 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,204 K 8,220 K 3216 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,920 K 7,396 K 5556 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,940 K 7,952 K 6316 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 5,540 K 6,500 K 1436 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,372 K 13,644 K 11576 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 15,792 K 11,080 K 2384 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,628 K 9,344 K 6944 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,364 K 5,060 K 1968 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,984 K 10,560 K 1128 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 7,516 K 19,096 K 7668 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,560 K 10,016 K 1092 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 5,448 K 17,120 K 6208 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,892 K 14,604 K 1052 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,292 K 9,444 K 6592 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,732 K 6,332 K 5064 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,484 K 6,024 K 5568 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,068 K 5,364 K 5168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,988 K 10,596 K 4228 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,796 K 6,396 K 5072 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,856 K 7,824 K 4992 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,364 K 8,944 K 3340 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,452 K 10,548 K 3888 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,948 K 10,844 K 3408 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,828 K 6,404 K 3432 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,340 K 4,612 K 3776 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,624 K 5,472 K 3372 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,340 K 4,752 K 3424 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,152 K 8,456 K 1124 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,936 K 6,716 K 1624 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,824 K 7,548 K 1320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,888 K 5,444 K 1508 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,608 K 9,880 K 1236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,188 K 8,280 K 1076 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 992 K 3,228 K 952 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,764 K 6,088 K 4136 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 6,844 K 9,344 K 5752 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

spoolsv.exe 7,592 K 15,556 K 3080 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows

smss.exe 540 K 1,092 K 420 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows Publisher

smartscreen.exe 6,164 K 9,068 K 14384 Windows Defender SmartScreen Microsoft Corporation (Verified) Microsoft Windows

sihost.exe 5,736 K 23,808 K 5624 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows

ShellExperienceHost.exe Suspended 34,888 K 54,092 K 5352 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows

SettingSyncHost.exe 2,260 K 3,784 K 11748 Host Process for Setting Synchronization Microsoft Corporation (Verified) Microsoft Windows

SetPoint.exe 7,080 K 18,388 K 7544 Logitech SetPoint Event Manager (UNICODE) Logitech, Inc. (Verified) Logitech Inc

services.exe 5,356 K 8,948 K 764 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Publisher

SecurityHealthService.exe 5,056 K 14,624 K 3388 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher

secd.exe 7,064 K 21,584 K 4896 Apple Security Manager Apple, Inc. (Verified) Apple Inc.

SearchUI.exe Suspended 55,136 K 55,808 K 6832 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows

SearchProtocolHost.exe 1,764 K 7,760 K 12508 Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows

SearchIndexer.exe 34,308 K 29,776 K 7392 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows

SearchFilterHost.exe 1,376 K 6,516 K 15908 Microsoft Windows Search Filter Host Microsoft Corporation (Verified) Microsoft Windows

RuntimeBroker.exe 7,244 K 19,068 K 7328 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows

RuntimeBroker.exe 6,428 K 22,088 K 11668 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows

RuntimeBroker.exe 6,052 K 21,820 K 3496 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows

RuntimeBroker.exe 2,060 K 5,832 K 5896 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows

rundll32.exe 5,428 K 17,472 K 8748 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows

RemindersServer.exe Suspended 8,636 K 18,876 K 7432 Reminders WinRT OOP Server Microsoft Corporation (Verified) Microsoft Windows

procexp.exe 3,448 K 11,048 K 14548 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

OneDrive.exe 14,512 K 41,796 K 8304 Microsoft OneDrive Microsoft Corporation (Verified) Microsoft Corporation

NisSrv.exe 8,632 K 10,780 K 6392 Microsoft Network Realtime Inspection Service Microsoft Corporation (Verified) Microsoft Corporation

MSASCuiL.exe 1,896 K 9,156 K 7336 Windows Defender notification icon Microsoft Corporation (Verified) Microsoft Windows

Memory Compression 580 K 209,916 K 2028

mDNSResponder.exe 1,748 K 5,712 K 3264 Bonjour Service Apple Inc. (Verified) Apple Inc.

lsass.exe 7,480 K 14,980 K 784 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher

KHALMNPR.exe 3,632 K 10,772 K 9156 Logitech KHAL Main Process Logitech, Inc. (Verified) Logitech

iCloudServices.exe 27,932 K 62,904 K 1228 iCloud Services Apple Inc. (Verified) Apple Inc.

iCloudDrive.exe 12,332 K 25,716 K 7640 iCloud Drive Apple Inc. (Verified) Apple Inc.

HPWMISVC.exe 1,532 K 7,408 K 3308 HP WMI Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company

HPSupportSolutionsFrameworkService.exe 36,696 K 35,564 K 11432 HP Support Solutions Framework Service HP Inc. (Verified) HP Inc.

hpqwmiex.exe 1,848 K 8,600 K 9788 HP Software Framework WMI Service Hewlett-Packard Company (Verified) Hewlett-Packard Company

HPMSGSVC.exe 1,500 K 7,604 K 8648 HP Message Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company

HP3DDGService.exe 656 K 2,524 K 2284 HP3DDGService HP (Verified) HP Inc.

googledrivesync.exe 1,056 K 4,440 K 7440 Google Drive Google (Verified) Google Inc

GoogleCrashHandler64.exe 1,604 K 252 K 11160 Google Crash Handler Google Inc. (Verified) Google Inc

GoogleCrashHandler.exe 1,744 K 248 K 7704 Google Crash Handler Google Inc. (Verified) Google Inc

Fuel.Service.exe 1,752 K 7,028 K 3240 AMD Fuel Service Advanced Micro Devices, Inc. (No signature was present in the subject) Advanced Micro Devices, Inc.

fontdrvhost.exe 5,940 K 7,780 K 960 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows

fontdrvhost.exe 1,576 K 3,156 K 968 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows

dllhost.exe 3,112 K 9,296 K 8488 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows

dgnsvc.exe 1,496 K 7,212 K 3224 Dragon NaturallySpeaking Service Nuance Communications, Inc. (Verified) Nuance Communications

dasHost.exe 6,192 K 11,880 K 1868 Device Association Framework Provider Host Microsoft Corporation (Verified) Microsoft Windows

ctfmon.exe 3,008 K 13,048 K 7872 CTF Loader Microsoft Corporation (Verified) Microsoft Windows

csrss.exe 1,948 K 4,724 K 600 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher

CoolSense.exe 2,308 K 10,556 K 7948 HP CoolSense Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company

chrome.exe 35,676 K 24,088 K 7048 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 51,772 K 66,288 K 13804 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 2,364 K 8,212 K 8796 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 35,352 K 49,880 K 14616 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 32,760 K 28,272 K 15220 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 13,516 K 21,416 K 3568 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 2,208 K 8,472 K 9012 Google Chrome Google Inc. (Verified) Google Inc

backgroundTaskHost.exe Suspended 4,072 K 17,744 K 15532 Background Task Host Microsoft Corporation (Verified) Microsoft Windows

atiesrxx.exe 1,568 K 4,688 K 1576 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher

atieclxx.exe 2,504 K 9,452 K 1932 AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher

armsvc.exe 1,328 K 6,156 K 3284 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems

APSDaemon.exe 5,056 K 15,672 K 9300 Apple Push Apple Inc. (Verified) Apple Inc.

ApplicationFrameHost.exe 10,208 K 25,460 K 11112 Application Frame Host Microsoft Corporation (Verified) Microsoft Windows

Image Name PID Services

========================= ======== ============================================

System Idle Process 0 N/A

System 4 N/A

smss.exe 420 N/A

csrss.exe 600 N/A

wininit.exe 704 N/A

csrss.exe 716 N/A

services.exe 764 N/A

lsass.exe 784 KeyIso, SamSs, VaultSvc

winlogon.exe 836 N/A

svchost.exe 952 PlugPlay

fontdrvhost.exe 960 N/A

fontdrvhost.exe 968 N/A

svchost.exe 1008 BrokerInfrastructure, DcomLaunch, Power,

SystemEventsBroker

svchost.exe 512 RpcEptMapper, RpcSs

svchost.exe 584 LSM

dwm.exe 80 N/A

svchost.exe 1076 NcbService

svchost.exe 1092 bthserv

svchost.exe 1128 TimeBrokerSvc

svchost.exe 1184 Schedule

svchost.exe 1236 ProfSvc

svchost.exe 1252 EventLog

svchost.exe 1320 TabletInputService

svchost.exe 1348 UserManager

svchost.exe 1416 BFE, CoreMessagingRegistrar, MpsSvc

svchost.exe 1436 nsi

svchost.exe 1508 DeviceAssociationService

svchost.exe 1520 Dhcp

atiesrxx.exe 1576 AMD External Events Utility

svchost.exe 1644 lfsvc

WUDFHost.exe 1696 N/A

svchost.exe 1740 NlaSvc

svchost.exe 1828 netprofm

dasHost.exe 1868 N/A

atieclxx.exe 1932 N/A

svchost.exe 1968 Themes

svchost.exe 1976 SysMain

svchost.exe 1984 EventSystem

Memory Compression 2028 N/A

svchost.exe 1124 SENS

svchost.exe 1624 AudioEndpointBuilder

svchost.exe 2052 FontCache

svchost.exe 2152 SSDPSRV

svchost.exe 2188 Audiosrv

svchost.exe 2240 StateRepository

HP3DDGService.exe 2284 hp3ddgsrv

svchost.exe 2384 Dnscache

svchost.exe 2392 DusmSvc

svchost.exe 2424 Wcmsvc

svchost.exe 2784 WinHttpAutoProxySvc

svchost.exe 2872 WlanSvc

svchost.exe 2928 ShellHWDetection

AvastSvc.exe 2944 avast! Antivirus

spoolsv.exe 3080 Spooler

svchost.exe 3132 LanmanWorkstation

svchost.exe 3208 DiagTrack

svchost.exe 3216 AppHostSvc

dgnsvc.exe 3224 DragonSvc

svchost.exe 3232 CryptSvc

Fuel.Service.exe 3240 AMD FUEL Service

officeclicktorun.exe 3248 ClickToRunSvc

svchost.exe 3256 DPS

mDNSResponder.exe 3264 Bonjour Service

AppleMobileDeviceService. 3272 Apple Mobile Device Service

armsvc.exe 3284 AdobeARMservice

CarboniteService.exe 3292 CarboniteService

HPWMISVC.exe 3308 HPWMISVC

svchost.exe 3320 Winmgmt

svchost.exe 3340 osrss

Panda_URL_Filteringb.exe 3348 panda_url_filtering

svchost.exe 3372 SstpSvc

SecurityHealthService.exe 3388 SecurityHealthService

SynTPEnhService.exe 3396 SynTPEnhService

svchost.exe 3408 stisvc

svchost.exe 3424 TrkWks

svchost.exe 3432 W32Time

svchost.exe 3452 WpnService

svchost.exe 3584 LanmanServer

svchost.exe 3776 WdiServiceHost

svchost.exe 3880 TapiSrv

svchost.exe 3888 iphlpsvc

MsMpEng.exe 3904 WinDefend

svchost.exe 4260 RasMan, wuauserv

svchost.exe 4992 FDResPub

svchost.exe 5064 Browser

svchost.exe 5072 PolicyAgent

svchost.exe 4228 HomeGroupProvider

svchost.exe 5168 WdiSystemHost

svchost.exe 5616 CDPUserSvc_5cdaf

sihost.exe 5624 N/A

svchost.exe 5640 WpnUserService_5cdaf

taskhostw.exe 5716 N/A

svchost.exe 5888 TokenBroker

SynTPEnh.exe 6052 N/A

explorer.exe 5672 N/A

svchost.exe 5568 Appinfo

svchost.exe 6208 CDPSvc

SynTPHelper.exe 6276 N/A

svchost.exe 6316 PcaSvc

svchost.exe 6592 Netman

svchost.exe 6944 wscsvc

ShellExperienceHost.exe 5352 N/A

SearchUI.exe 6832 N/A

RuntimeBroker.exe 3496 N/A

RuntimeBroker.exe 7328 N/A

SearchIndexer.exe 7392 WSearch

RemindersServer.exe 7432 N/A

ctfmon.exe 7872 N/A

TabTip.exe 7904 N/A

TabTip32.exe 7980 N/A

RuntimeBroker.exe 5896 N/A

MSASCuiL.exe 7336 N/A

SetPoint.exe 7544 N/A

svchost.exe 7668 OneSyncSvc_5cdaf,

PimIndexMaintenanceSvc_5cdaf,

UnistoreSvc_5cdaf, UserDataSvc_5cdaf

googledrivesync.exe 7440 N/A

iCloudServices.exe 1228 N/A

ApplePhotoStreams.exe 2972 N/A

iCloudDrive.exe 7640 N/A

iCloudPhotos.exe 5728 N/A

OneDrive.exe 8304 N/A

AvastUI.exe 8336 N/A

PhotoshopElementsFileAgen 8364 AdobeActiveFileMonitor13.0

rundll32.exe 8748 N/A

chrome.exe 8780 N/A

chrome.exe 8796 N/A

chrome.exe 9012 N/A

KHALMNPR.exe 9156 N/A

chrome.exe 7048 N/A

chrome.exe 8020 N/A

chrome.exe 7008 N/A

chrome.exe 6216 N/A

chrome.exe 5332 N/A

CoolSense.exe 7948 N/A

HPMSGSVC.exe 8648 N/A

NisSrv.exe 6392 WdNisSvc

CarboniteUI.exe 8592 N/A

HPNetworkCommunicatorCom. 772 N/A

unsecapp.exe 8492 N/A

WmiPrvSE.exe 9268 N/A

googledrivesync.exe 9708 N/A

hpqwmiex.exe 9788 hpqwmiex

svchost.exe 9828 DoSvc

APSDaemon.exe 9300 N/A

svchost.exe 9824 RmSvc

GoogleCrashHandler.exe 7704 N/A

GoogleCrashHandler64.exe 11160 N/A

ApplicationFrameHost.exe 11112 N/A

svchost.exe 4136 lmhosts

HPSupportSolutionsFramewo 11432 HPSupportSolutionsFrameworkService

SettingSyncHost.exe 11748 N/A

secd.exe 4896 N/A

svchost.exe 11576 StorSvc

TouchpointAnalyticsClient 11612 HPTouchpointAnalyticsService

dllhost.exe 8488 N/A

svchost.exe 5556 swprv

SystemSettings.exe 9840 N/A

RuntimeBroker.exe 11668 N/A

svchost.exe 1052 LicenseManager

VSSVC.exe 12700 VSS

chrome.exe 10788 N/A

chrome.exe 15220 N/A

svchost.exe 5752 DsSvc

winword.exe 9024 N/A

chrome.exe 13036 N/A

chrome.exe 14616 N/A

chrome.exe 16340 N/A

chrome.exe 13804 N/A

chrome.exe 3568 N/A

WUDFHost.exe 14840 N/A

SearchProtocolHost.exe 12508 N/A

svchost.exe 15524 gpsvc

smartscreen.exe 14384 N/A

chrome.exe 15608 N/A

dllhost.exe 15132 N/A

backgroundTaskHost.exe 14952 N/A

svchost.exe 14496 tiledatamodelsvc

dllhost.exe 13912 N/A

dllhost.exe 15468 N/A

cmd.exe 13180 N/A

conhost.exe 10808 N/A

tasklist.exe 4396 N/A

WmiPrvSE.exe 13940 N/A

#4
RKinner

Posted 04 July 2018 - 01:56 PM

Malware Expert

Expert
24,623 posts

It's Ron, not Robert (that's my son).

I don't see Speccy so please try again.

Carbonite seems to be using too much CPU time. Are you paying for it? If not uninstall it. This is a program that backs up your PC to the cloud but you have to pay for the service. It comes preinstalled on a lot of PCs. If you are using it then see if there is an upgraded version you can download.

Interrupts is too high.

Interrupts 1.65 0 K 0 K n/a Hardware Interrupts and DPCs

This can really slow a PC down. Let's run Latency Monitor and see if it can tell us what is causing the problem:

Latency Monitor:

Go to

http://www.resplendence.com/downloads

Scroll down to

System Monitoring Tools

and then find

LatencyMon 6.51

Click on Download free home edition

Save it then right click and Run As Admin. It will install and then start the program.
It will tell you to click on the Start button but there isn't one.
Instead click on the green arrowhead (looks like a Play button). Let it run for at least 20 seconds. Then hit the red box to stop it.

Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.

#5
SumMom

Posted 04 July 2018 - 02:20 PM

Member

Topic Starter
Member
69 posts

Terribly sorry! Where did I get Robert? My husband's name is Ron, too. I should be able to remember it now.

I have attached the Speccy file. I don't think I clicked 'Attach this file'. Terribly sorry.

I have downloaded Carbonite again. I have not booted after having done so. I will once I send this. I do pay for it.

Looks like the Latency tool has a new version: LatencyMon 6.70. I used that one as I didn't see 6.51

_________________________________________________________________________________________________________

CONCLUSION

_________________________________________________________________________________________________________

Your system appears to be suitable for handling real-time audio and other tasks without dropouts.

LatencyMon has been analyzing your system for 0:00:37 (h:mm:ss) on all processors.

_________________________________________________________________________________________________________

SYSTEM INFORMATION

_________________________________________________________________________________________________________

Computer name: PC

OS version: Windows 10 , 10.0, build: 16299 (x64)

Hardware: HP ENVY TS m6 Sleekbook, Hewlett-Packard, 1995

CPU: AuthenticAMD AMD A10-5745M APU with Radeon™ HD Graphics

Logical processors: 4

Processor groups: 1

RAM: 5336 MB total

_________________________________________________________________________________________________________

CPU SPEED

_________________________________________________________________________________________________________

Reported CPU speed: 2096 MHz

Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.

_________________________________________________________________________________________________________

MEASURED INTERRUPT TO USER PROCESS LATENCIES

_________________________________________________________________________________________________________

The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.

Highest measured interrupt to process latency (µs): 716.185749

Average measured interrupt to process latency (µs): 13.369101

Highest measured interrupt to DPC latency (µs): 706.415139

Average measured interrupt to DPC latency (µs): 4.978359

_________________________________________________________________________________________________________

REPORTED ISRs

_________________________________________________________________________________________________________

Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.

Highest ISR routine execution time (µs): 62.343034

Driver with highest ISR routine execution time: storport.sys - Microsoft Storage Port Driver, Microsoft Corporation

Highest reported total ISR routine time (%): 0.021391

Driver with highest ISR total time: storport.sys - Microsoft Storage Port Driver, Microsoft Corporation

Total time spent in ISRs (%) 0.027083

ISR count (execution time <250 µs): 4977

ISR count (execution time 250-500 µs): 0

ISR count (execution time 500-999 µs): 0

ISR count (execution time 1000-1999 µs): 0

ISR count (execution time 2000-3999 µs): 0

ISR count (execution time >=4000 µs): 0

_________________________________________________________________________________________________________

REPORTED DPCs

_________________________________________________________________________________________________________

DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.

Highest DPC routine execution time (µs): 768.864504

Driver with highest DPC routine execution time: ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation

Highest reported total DPC routine time (%): 0.467059

Driver with highest DPC total execution time: ntoskrnl.exe - NT Kernel & System, Microsoft Corporation

Total time spent in DPCs (%) 0.743238

DPC count (execution time <250 µs): 224231

DPC count (execution time 250-500 µs): 0

DPC count (execution time 500-999 µs): 10

DPC count (execution time 1000-1999 µs): 0

DPC count (execution time 2000-3999 µs): 0

DPC count (execution time >=4000 µs): 0

_________________________________________________________________________________________________________

REPORTED HARD PAGEFAULTS

_________________________________________________________________________________________________________

Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.

NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.

Process with highest pagefault count: avastsvc.exe

Total number of hard pagefaults 2038

Hard pagefault count of hardest hit process: 1351

Number of processes hit: 23

_________________________________________________________________________________________________________

PER CPU DATA

_________________________________________________________________________________________________________

CPU 0 Interrupt cycle time (s): 1.816784

CPU 0 ISR highest execution time (µs): 62.343034

CPU 0 ISR total execution time (s): 0.040365

CPU 0 ISR count: 4970

CPU 0 DPC highest execution time (µs): 768.864504

CPU 0 DPC total execution time (s): 0.536361

CPU 0 DPC count: 77564

_________________________________________________________________________________________________________

CPU 1 Interrupt cycle time (s): 0.739041

CPU 1 ISR highest execution time (µs): 3.622137

CPU 1 ISR total execution time (s): 0.000006

CPU 1 ISR count: 2

CPU 1 DPC highest execution time (µs): 242.835878

CPU 1 DPC total execution time (s): 0.177984

CPU 1 DPC count: 46744

_________________________________________________________________________________________________________

CPU 2 Interrupt cycle time (s): 0.898359

CPU 2 ISR highest execution time (µs): 2.814885

CPU 2 ISR total execution time (s): 0.000003

CPU 2 ISR count: 1

CPU 2 DPC highest execution time (µs): 94.191317

CPU 2 DPC total execution time (s): 0.215778

CPU 2 DPC count: 53551

_________________________________________________________________________________________________________

CPU 3 Interrupt cycle time (s): 0.754304

CPU 3 ISR highest execution time (µs): 4.019561

CPU 3 ISR total execution time (s): 0.000013

CPU 3 ISR count: 4

CPU 3 DPC highest execution time (µs): 251.051527

CPU 3 DPC total execution time (s): 0.178223

CPU 3 DPC count: 46382

_________________________________________________________________________________________________________

Thanks Ron!

LatencyMon 6.70

Attached Files

PC.txt 126.11KB 257 downloads

#6
RKinner

Posted 04 July 2018 - 04:39 PM

Malware Expert

Expert
24,623 posts

Thanks for the Latency Mon update.

Latency Mon says Avast is causing page faults. I would download a new copy, uninstall the old, reboot and install the new. (Avoid the free trial, any optional software - stick with the Basic)

Are you running a WiFi Extender? I've never found one that is always good. They tend to drop out for no reason. Perhaps because they operate on the same channel as the primary router. Watch the lights on the extender. You may see it go orange or red every once in a while. What make and model number are you using?

Speccy says your hard drive is showing some errors and it also claims (hopefully erroneously) that your CPU is running at 115 C. Let's get a second opinion on both items:

Run Speedfan to monitor your temps in real time:

http://www.filehippo...nload_speedfan/

Download, save and Install it (Win 7+ or Vista right click and Run As Admin.) then run it (Win 7+ or Vista right click and Run As Admin.).

It will tell you your temps in real time tho the default is to show the hard drive temp in the systray. You can change it: Hit Configure then click on the highest temp and check Show in tray. With no other programs running what is the highest temp you see? Run an anti-virus scan, play one of your games or watch a video for at least 5 minutes. What is the highest temp now?

We don't really want it to go over about 65 under load. If it does it usually means either the fan is defective (speedfan should tell you your fan speed so you can see if it is running) or (most likely) the interface between the fan and the heatsink is clogged with dust. The best fix for a clogged heatsink is to remove the fan (not the heatsink or heatpipe) and vacuum out the heatsink. However on some PCs this is major surgery. Sometimes you can blow air backwards through the exhaust vent while vacuuming at the input vent and if you are lucky it may clear the heatsink. Don't do it too long as the fan may overrev.

click on the S.M.A.R.T. tab. Click on the down arrow to the right of the Hard Disk box. Select your hard drive. Click on Perform an In-depth Online Analysis of this hard disk. Your browser will open.

At the bottom of the new page will be a line:

The link to get back and see a new report about this hard disk in the future is this.

Right click on the underlined "this" and select Copy Link Address. Move to a Reply and Paste (Ctrl + v).

After reinstalling Carbonite and Avast, (and rebooting) please make a new Process Explorer log.

#7
SumMom

Posted 05 July 2018 - 03:08 PM

Member

Topic Starter
Member
69 posts

Hi Ron!

I tried to reinstall Avast several times, but I get a fatal error. I have attached that log.

My Wifi extenders is a Netgear model WN1000RP. I only connect to it occassionally and won't know while you're helping me so that we know it isn't a factor.

I've gotten warnings when I reboot that the laptop crashed due to heat (not exact wording), but my laptop has never crashed. I've done some research and it seems to be a known false warning. After running Speedfan and a video for over 5 minutes I saw a high temp of 91C. I will try to blow out the fan using your instructions.

The in-depth analysis is here:

http://www.hddstatus...cation=8AE0415A

I have reinstalled Carbonite, but was not able to successfully reinstall Avast as stated above.

Thank you for your help! Love it!

P.S. I am not opposed to taking the laptop to our trusty Techmate in town if I need a new hard drive or help with the fan. Just thought I'd do further diagnosis with her help beforehand.

Attached Files

avast install failure log.txt 14.2KB 210 downloads

#8
RKinner

Posted 05 July 2018 - 05:07 PM

Malware Expert

Expert
24,623 posts

91 is way too hot so I hope you can clear the dust out. You may have to open it up and remove the fan (but not the heatsink or heatpipe) in order to clean the dust out. This is a simple job on most Dells but close to brain surgery on an HP. If you search for the PC's model number you will probably find a youtube video showing how to disassemble it. The last HP I worked on required removing the mother board in order to remove the fan but hopefully they have improved. Sometimes the heat will cook the thermal paste and dry it up then you need to clean it off and replace it with Arctic Silver 5 to get it to run where it should (under 50 at idle). Amazon sells the kit (Arctic Silver 5 Thermal Compound 3.5 Grams with ArctiClean 60 ML Kit (D132)
for around $11. If you have a shop clean it then ask them to replace the thermal paste when they clean the heatsink it shouldn't be that much more since most of the work is taking the thing apart and putting it back together.

A CPU will slow itself down if it gets too hot. This is supposed to protect it.

You can also get a third opinion on your temps from CPU-Z

https://www.cpuid.co...ares/cpu-z.html

(The Start Now button is adware so ignore it)

You want Setup English under Download.

I think the hard drive is OK but it is complaining about being banged around so try not to drop it or bump it against things.

To reinstall Avast try the offline install:

https://support.avas...tivirus#idt_010

The standard download is just a small program that has to contact the mothership to get the rest of the files. The offline setup has all of the files so doesn't need the Internet.

#9
SumMom

Posted 07 July 2018 - 11:00 AM

Member

Topic Starter
Member
69 posts

91 is way too hot so I hope you can clear the dust out.... It was actually very easy to screw off the back of my laptop and clean out the fan. I noticed a screw was missing on the back and found it... guess where... in the fan!! My father had taken this laptop to Geeks Squad a few times before he gave up on it and gave it to me. I also found a good deal of cat hair.

I immediately found a HUGE change in boot-up speed and response time. However, this diminished when I loaded the Avast back on. boo.... Is there a better anti-virus? I don't care if it costs a reasonable amount of money.

You can also get a third opinion on your temps from CPU-Z... I didn't bother with the third opinion, but I did run Speedfan again and received a high temp of 59C after watching several minutes of dashcam videos. Yup, I went down the rabbit hole. lol

I think the hard drive is OK but it is complaining about being banged around so try not to drop it or bump it against things. Good advice.

I am so pleased with the effort you've made to help me. It is greatly appreciated Ron!

#10
RKinner

Posted 07 July 2018 - 02:01 PM

Malware Expert

Expert
24,623 posts

Sounds like HP has finally gotten smart. Glad you were able to clean it.

Let's see a new Process Explorer log. Also a new Latency Monitor.

#11
SumMom

Posted 07 July 2018 - 04:01 PM

Member

Topic Starter
Member
69 posts

Process Explorer Log:

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer

System Idle Process 80.55 52 K 8 K 0

DismHost.exe 6.23 114,072 K 14,136 K 1812

procexp64.exe 4.41 29,588 K 68,728 K 11476 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

System 1.53 244 K 6,580 K 4

CarboniteService.exe 1.18 161,472 K 32,784 K 3648 Carbonite Secure Backup Engine Carbonite, Inc. (www.carbonite.com) (Verified) Carbonite

Interrupts 0.99 0 K 0 K n/a Hardware Interrupts and DPCs

SearchIndexer.exe 0.98 31,608 K 32,832 K 16000 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 0.90 78,904 K 80,040 K 1972 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

explorer.exe 0.44 64,472 K 123,520 K 3460 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows

dwm.exe 0.42 29,004 K 38,320 K 8524

OneDrive.exe 0.33 14,444 K 41,812 K 12820 Microsoft OneDrive Microsoft Corporation (Verified) Microsoft Corporation

chrome.exe 0.24 210,208 K 235,144 K 14512 Google Chrome Google Inc. (Verified) Google Inc

csrss.exe 0.19 2,600 K 5,144 K 19352

AvastSvc.exe 0.19 302,132 K 53,264 K 2716 Avast Service AVAST Software (Verified) AVAST Software s.r.o.

chrome.exe 0.19 81,164 K 134,268 K 15376 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 0.18 85,820 K 93,468 K 13948 Google Chrome Google Inc. (Verified) Google Inc

svchost.exe 0.16 3,428 K 9,420 K 1940 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

AvastUI.exe 0.16 36,940 K 48,020 K 4656 Avast Antivirus AVAST Software (Verified) AVAST Software s.r.o.

CarboniteUI.exe 0.14 15,036 K 33,212 K 13968 Carbonite User Interface Carbonite, Inc. (Verified) Carbonite

chrome.exe 0.10 273,756 K 256,840 K 18264 Google Chrome Google Inc. (Verified) Google Inc

iCloudServices.exe 0.08 25,584 K 45,216 K 6784 iCloud Services Apple Inc. (Verified) Apple Inc.

chrome.exe 0.07 62,356 K 90,948 K 10192 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 0.06 42,352 K 62,468 K 11800 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 0.04 32,872 K 49,468 K 212 Google Chrome Google Inc. (Verified) Google Inc

svchost.exe 0.03 8,560 K 14,908 K 476 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

Panda_URL_Filteringb.exe 0.03 45,376 K 51,872 K 3864 Anti-phishing Domain Advisor (Powered by Panda Security) Visicom Media Inc. (Verified) Visicom Media Inc.

googledrivesync.exe 0.03 62,124 K 22,056 K 5972 Google Drive Google (Verified) Google Inc

svchost.exe 0.03 5,460 K 13,768 K 3252 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 0.02 31,076 K 39,400 K 4752 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 0.01 11,108 K 18,240 K 3228 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

iCloudPhotos.exe 0.01 28,100 K 44,964 K 14920 iCloud Photo Library Apple Inc. (Verified) Apple Inc.

SetupHost.exe 0.01 255,856 K 14,412 K 15876

aswidsagenta.exe 0.01 80,920 K 99,264 K 5656 Avast Behavior Shield AVAST Software (Verified) AVAST Software s.r.o.

TabTip.exe 0.01 3,976 K 15,348 K 10428

HPNetworkCommunicatorCom.exe 0.01 3,368 K 11,616 K 14184 HPNetworkCommunicatorCom Hewlett-Packard Co. (Verified) Hewlett Packard

HPMSGSVC.exe < 0.01 1,492 K 7,576 K 13664 HP Message Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company

svchost.exe < 0.01 3,920 K 13,296 K 2980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

wuauclt.exe < 0.01 14,116 K 14,268 K 15484

svchost.exe < 0.01 5,244 K 17,804 K 13520 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

AppleMobileDeviceService.exe < 0.01 4,468 K 13,316 K 3624 MobileDeviceService Apple Inc. (Verified) Apple Inc.

officeclicktorun.exe < 0.01 25,004 K 34,484 K 3680 Microsoft Office Click-to-Run Microsoft Corporation (Verified) Microsoft Corporation

ApplePhotoStreams.exe < 0.01 11,200 K 28,916 K 15216 iCloud Photo Stream Apple Inc. (Verified) Apple Inc.

svchost.exe < 0.01 2,352 K 8,072 K 11192 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

Memory Compression < 0.01 1,140 K 300,308 K 2088

chrome.exe < 0.01 38,560 K 22,476 K 11568 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe < 0.01 84,248 K 103,912 K 448 Google Chrome Google Inc. (Verified) Google Inc

svchost.exe < 0.01 5,084 K 20,336 K 4060 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

WmiPrvSE.exe < 0.01 12,300 K 20,416 K 1164

TouchpointAnalyticsClientService.exe < 0.01 45,352 K 40,836 K 5400 HP Touchpoint Analytics Client Service HP Inc. (Verified) HP Inc.

SynTPEnh.exe < 0.01 6,568 K 19,752 K 7348 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated

svchost.exe < 0.01 2,796 K 8,328 K 2136 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

PhotoshopElementsFileAgent.exe < 0.01 2,528 K 1,696 K 288 Adobe Photoshop Elements 13.0 (component) Adobe Systems Incorporated (Verified) Adobe Systems Incorporated

WUDFHost.exe 3,824 K 11,320 K 16036

winlogon.exe 2,388 K 9,976 K 19248

wininit.exe 1,448 K 5,804 K 652

WindowsUpdateBox.exe 2,356 K 5,488 K 4340

wimserv.exe 37,768 K 0 K 18272

vds.exe 2,584 K 10,540 K 13932 Virtual Disk Service Microsoft Corporation (Verified) Microsoft Windows

unsecapp.exe 1,480 K 6,092 K 3764

taskhostw.exe 5,748 K 13,028 K 4372 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows

taskhostw.exe 6,404 K 19,376 K 13100

TabTip32.exe 1,328 K 4,336 K 14048

SynTPHelper.exe 1,028 K 4,160 K 5388

SynTPEnhService.exe 1,192 K 4,208 K 4000 64-bit Synaptics Pointing Enhance Service Synaptics Incorporated (Verified) Synaptics Incorporated

svchost.exe 13,836 K 17,128 K 1200 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 6,552 K 15,808 K 1256 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 14,400 K 15,116 K 1424 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,652 K 13,356 K 3324 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,724 K 11,536 K 1784 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,236 K 7,052 K 496 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 12,248 K 28,340 K 1016 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,440 K 8,684 K 3888 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 5,472 K 19,264 K 5420 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 6,640 K 20,316 K 1768 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 8,636 K 18,628 K 3788 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,640 K 9,272 K 768 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,472 K 13,108 K 6312 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,308 K 5,364 K 1980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 8,032 K 28,616 K 15712 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 5,852 K 8,836 K 1564 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,132 K 11,572 K 2640 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 11,296 K 27,464 K 3748 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,772 K 6,048 K 2988 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,028 K 7,016 K 3148 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 27,584 K 37,532 K 3720 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 15,992 K 12,156 K 2972 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,268 K 11,344 K 5900 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,988 K 7,620 K 3428 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,868 K 11,716 K 2496 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,200 K 7,028 K 1700 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,628 K 6,660 K 2208 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,064 K 6,748 K 4384 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 928 K 3,528 K 944 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,464 K 10,276 K 1136 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,192 K 8,572 K 1156 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,828 K 10,664 K 1172 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,516 K 10,252 K 1336 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,228 K 8,756 K 1496 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,032 K 6,196 K 1512 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,772 K 7,556 K 1628 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,920 K 8,640 K 1964 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,420 K 14,052 K 2056 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,152 K 8,592 K 2144 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,840 K 7,204 K 2196 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,136 K 8,320 K 3660 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 6,264 K 15,076 K 3688 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,468 K 9,184 K 3840 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,580 K 5,944 K 3900 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,840 K 11,204 K 3976 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,280 K 5,176 K 4020 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,856 K 7,092 K 4040 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,504 K 11,880 K 4456 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,280 K 4,980 K 4668 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,640 K 6,560 K 5628 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,720 K 6,564 K 5636 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,636 K 11,108 K 5716 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,948 K 8,808 K 5760 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,024 K 5,484 K 6556 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,352 K 5,732 K 6980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 5,044 K 12,620 K 7316 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,204 K 16,168 K 10836 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,016 K 7,964 K 7716 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 6,804 K 8,948 K 13344 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,312 K 6,764 K 10008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 8,004 K 27,756 K 15124 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,328 K 10,124 K 15328 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

spoolsv.exe 8,820 K 19,328 K 3376 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows

smss.exe 472 K 944 K 352

smartscreen.exe 9,828 K 15,744 K 8532 Windows Defender SmartScreen Microsoft Corporation (Verified) Microsoft Windows

sihost.exe 5,396 K 22,416 K 5732 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows

ShellExperienceHost.exe Suspended 35,832 K 48,852 K 5704 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows

SettingSyncHost.exe 2,596 K 4,480 K 11472 Host Process for Setting Synchronization Microsoft Corporation (Verified) Microsoft Windows

SetPoint.exe 7,084 K 18,468 K 12052 Logitech SetPoint Event Manager (UNICODE) Logitech, Inc. (Verified) Logitech Inc

services.exe 5,364 K 10,096 K 732

SecurityHealthService.exe 4,660 K 15,828 K 3936 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher

secd.exe 6,852 K 21,628 K 6956 Apple Security Manager Apple, Inc. (Verified) Apple Inc.

SearchUI.exe Suspended 61,300 K 57,056 K 4140 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows

RuntimeBroker.exe 6,048 K 12,336 K 5340 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows

RuntimeBroker.exe 2,044 K 7,940 K 1584 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows

RuntimeBroker.exe 5,624 K 19,000 K 6508 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows

RuntimeBroker.exe 1,648 K 6,064 K 8028 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows

rundll32.exe 6,728 K 17,724 K 14116 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows

RemindersServer.exe Suspended 9,064 K 15,140 K 13236 Reminders WinRT OOP Server Microsoft Corporation (Verified) Microsoft Windows

procexp.exe 3,588 K 11,176 K 1772 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

msdtc.exe 3,336 K 10,372 K 15564 Microsoft Distributed Transaction Coordinator Service Microsoft Corporation (Verified) Microsoft Windows

MSASCuiL.exe 1,928 K 9,188 K 13576 Windows Defender notification icon Microsoft Corporation (Verified) Microsoft Windows

mDNSResponder.exe 1,804 K 5,596 K 3632 Bonjour Service Apple Inc. (Verified) Apple Inc.

lsass.exe 8,404 K 17,044 K 784 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher

KHALMNPR.exe 3,808 K 10,752 K 13788 Logitech KHAL Main Process Logitech, Inc. (Verified) Logitech

iCloudDrive.exe 12,076 K 29,016 K 15224 iCloud Drive Apple Inc. (Verified) Apple Inc.

HPWMISVC.exe 1,248 K 5,724 K 15936 HP WMI Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company

HPSupportSolutionsFrameworkService.exe 34,908 K 36,736 K 3240 HP Support Solutions Framework Service HP Inc. (Verified) HP Inc.

hpqwmiex.exe 1,944 K 8,704 K 9524 HP Software Framework WMI Service Hewlett-Packard Company (Verified) Hewlett-Packard Company

HP3DDGService.exe 640 K 2,532 K 2920 HP3DDGService HP (Verified) HP Inc.

googledrivesync.exe 1,056 K 4,424 K 9716 Google Drive Google (Verified) Google Inc

GoogleCrashHandler64.exe 1,596 K 8 K 3536

GoogleCrashHandler.exe 1,612 K 8 K 2184

Fuel.Service.exe 1,712 K 6,908 K 3608 AMD Fuel Service Advanced Micro Devices, Inc. (No signature was present in the subject) Advanced Micro Devices, Inc.

fontdrvhost.exe 4,528 K 8,232 K 17268

fontdrvhost.exe 1,568 K 2,736 K 932

dllhost.exe 4,272 K 13,628 K 11840 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows

dllhost.exe 3,228 K 9,104 K 1636

dgnsvc.exe 1,480 K 6,852 K 3736 Dragon NaturallySpeaking Service Nuance Communications, Inc. (Verified) Nuance Communications

dasHost.exe 5,676 K 13,864 K 1640

ctfmon.exe 2,964 K 12,696 K 13688

csrss.exe 1,752 K 5,456 K 540

CoolSense.exe 2,260 K 10,480 K 15292 HP CoolSense Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company

chrome.exe 80,784 K 81,500 K 14888 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 48,808 K 66,020 K 18748 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 27,888 K 38,800 K 15452 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 33,476 K 51,588 K 3544 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 30,764 K 31,640 K 19228 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 13,524 K 23,304 K 9568 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 21,256 K 24,896 K 13640 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 2,092 K 8,052 K 13052 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 1,928 K 8,420 K 14688 Google Chrome Google Inc. (Verified) Google Inc

backgroundTaskHost.exe Suspended 4,728 K 14,816 K 10504 Background Task Host Microsoft Corporation (Verified) Microsoft Windows

atiesrxx.exe 1,376 K 4,884 K 1820 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher

atieclxx.exe 2,488 K 9,152 K 10424

armsvc.exe 1,292 K 5,784 K 3616 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems

APSDaemon.exe 5,084 K 15,516 K 14188 Apple Push Apple Inc. (Verified) Apple Inc.

Latency Monitor:

_________________________________________________________________________________________________________

CONCLUSION

_________________________________________________________________________________________________________

Your system seems to be having difficulty handling real-time audio and other tasks. You may experience drop outs, clicks or pops due to buffer underruns. One problem may be related to power management, disable CPU throttling settings in Control Panel and BIOS setup. Check for BIOS updates.

LatencyMon has been analyzing your system for 0:00:44 (h:mm:ss) on all processors.

_________________________________________________________________________________________________________

SYSTEM INFORMATION

_________________________________________________________________________________________________________

Computer name: PC

OS version: Windows 10 , 10.0, build: 16299 (x64)

Hardware: HP ENVY TS m6 Sleekbook, Hewlett-Packard, 1995

CPU: AuthenticAMD AMD A10-5745M APU with Radeon™ HD Graphics

Logical processors: 4

Processor groups: 1

RAM: 5336 MB total

_________________________________________________________________________________________________________

CPU SPEED

_________________________________________________________________________________________________________

Reported CPU speed: 2096 MHz

_________________________________________________________________________________________________________

MEASURED INTERRUPT TO USER PROCESS LATENCIES

_________________________________________________________________________________________________________

Highest measured interrupt to process latency (µs): 1254.059082

Average measured interrupt to process latency (µs): 13.041365

Highest measured interrupt to DPC latency (µs): 1245.265524

Average measured interrupt to DPC latency (µs): 4.563943

_________________________________________________________________________________________________________

REPORTED ISRs

_________________________________________________________________________________________________________

Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.

Highest ISR routine execution time (µs): 55.176527

Driver with highest ISR routine execution time: storport.sys - Microsoft Storage Port Driver, Microsoft Corporation

Highest reported total ISR routine time (%): 0.019449

Driver with highest ISR total time: storport.sys - Microsoft Storage Port Driver, Microsoft Corporation

Total time spent in ISRs (%) 0.028481

ISR count (execution time <250 µs): 6026

ISR count (execution time 250-500 µs): 0

ISR count (execution time 500-999 µs): 0

ISR count (execution time 1000-1999 µs): 0

ISR count (execution time 2000-3999 µs): 0

ISR count (execution time >=4000 µs): 0

_________________________________________________________________________________________________________

REPORTED DPCs

_________________________________________________________________________________________________________

DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.

Highest DPC routine execution time (µs): 802.221851

Driver with highest DPC routine execution time: ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation

Highest reported total DPC routine time (%): 0.082396

Driver with highest DPC total execution time: USBPORT.SYS - USB 1.1 & 2.0 Port Driver, Microsoft Corporation

Total time spent in DPCs (%) 0.361589

DPC count (execution time <250 µs): 64679

DPC count (execution time 250-500 µs): 0

DPC count (execution time 500-999 µs): 26

DPC count (execution time 1000-1999 µs): 0

DPC count (execution time 2000-3999 µs): 0

DPC count (execution time >=4000 µs): 0

_________________________________________________________________________________________________________

REPORTED HARD PAGEFAULTS

_________________________________________________________________________________________________________

Process with highest pagefault count: aswidsagenta.exe

Total number of hard pagefaults 1127

Hard pagefault count of hardest hit process: 518

Number of processes hit: 23

_________________________________________________________________________________________________________

PER CPU DATA

_________________________________________________________________________________________________________

CPU 0 Interrupt cycle time (s): 1.942567

CPU 0 ISR highest execution time (µs): 55.176527

CPU 0 ISR total execution time (s): 0.050427

CPU 0 ISR count: 6019

CPU 0 DPC highest execution time (µs): 802.221851

CPU 0 DPC total execution time (s): 0.613247

CPU 0 DPC count: 62748

_________________________________________________________________________________________________________

CPU 1 Interrupt cycle time (s): 0.354271

CPU 1 ISR highest execution time (µs): 4.424618

CPU 1 ISR total execution time (s): 0.000008

CPU 1 ISR count: 2

CPU 1 DPC highest execution time (µs): 260.978531

CPU 1 DPC total execution time (s): 0.009788

CPU 1 DPC count: 727

_________________________________________________________________________________________________________

CPU 2 Interrupt cycle time (s): 0.377246

CPU 2 ISR highest execution time (µs): 3.929389

CPU 2 ISR total execution time (s): 0.000004

CPU 2 ISR count: 1

CPU 2 DPC highest execution time (µs): 233.765267

CPU 2 DPC total execution time (s): 0.010641

CPU 2 DPC count: 704

_________________________________________________________________________________________________________

CPU 3 Interrupt cycle time (s): 0.327760

CPU 3 ISR highest execution time (µs): 18.307729

CPU 3 ISR total execution time (s): 0.000027

CPU 3 ISR count: 4

CPU 3 DPC highest execution time (µs): 217.354008

CPU 3 DPC total execution time (s): 0.007018

CPU 3 DPC count: 526

_________________________________________________________________________________________________________

Let me know what you see. And thank you so much!

#12
RKinner

Posted 07 July 2018 - 05:25 PM

Malware Expert

Expert
24,623 posts

Control Panel, (View By: Large Icons), Programs and Features then click on Avast Free Antivirus and then hit Change. Yes. Modify, Uncheck Behavior Shield, Change. Reboot when it tells you to.

Then try Latency Monitor and Process Explorer again.

#13
SumMom

Posted 08 July 2018 - 08:10 AM

Member

Topic Starter
Member
69 posts

Latency:

_________________________________________________________________________________________________________

CONCLUSION

_________________________________________________________________________________________________________

Your system seems to be having difficulty handling real-time audio and other tasks. You may experience drop outs, clicks or pops due to buffer underruns. One or more DPC routines that belong to a driver running in your system appear to be executing for too long. At least one detected problem appears to be network related. In case you are using a WLAN adapter, try disabling it to get better results. One problem may be related to power management, disable CPU throttling settings in Control Panel and BIOS setup. Check for BIOS updates.

LatencyMon has been analyzing your system for 0:00:27 (h:mm:ss) on all processors.

_________________________________________________________________________________________________________

SYSTEM INFORMATION

_________________________________________________________________________________________________________

Computer name: PC

OS version: Windows 10 , 10.0, build: 16299 (x64)

Hardware: HP ENVY TS m6 Sleekbook, Hewlett-Packard, 1995

CPU: AuthenticAMD AMD A10-5745M APU with Radeon™ HD Graphics

Logical processors: 4

Processor groups: 1

RAM: 5336 MB total

_________________________________________________________________________________________________________

CPU SPEED

_________________________________________________________________________________________________________

Reported CPU speed: 2096 MHz

_________________________________________________________________________________________________________

MEASURED INTERRUPT TO USER PROCESS LATENCIES

_________________________________________________________________________________________________________

Highest measured interrupt to process latency (µs): 1104.076828

Average measured interrupt to process latency (µs): 14.711096

Highest measured interrupt to DPC latency (µs): 1077.696231

Average measured interrupt to DPC latency (µs): 5.429344

_________________________________________________________________________________________________________

REPORTED ISRs

_________________________________________________________________________________________________________

Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.

Highest ISR routine execution time (µs): 145.486164

Driver with highest ISR routine execution time: storport.sys - Microsoft Storage Port Driver, Microsoft Corporation

Highest reported total ISR routine time (%): 0.064338

Driver with highest ISR total time: storport.sys - Microsoft Storage Port Driver, Microsoft Corporation

Total time spent in ISRs (%) 0.067459

ISR count (execution time <250 µs): 2854

ISR count (execution time 250-500 µs): 0

ISR count (execution time 500-999 µs): 0

ISR count (execution time 1000-1999 µs): 0

ISR count (execution time 2000-3999 µs): 0

ISR count (execution time >=4000 µs): 0

_________________________________________________________________________________________________________

REPORTED DPCs

_________________________________________________________________________________________________________

DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.

Highest DPC routine execution time (µs): 1315.893130

Driver with highest DPC routine execution time: ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation

Highest reported total DPC routine time (%): 0.077662

Driver with highest DPC total execution time: storport.sys - Microsoft Storage Port Driver, Microsoft Corporation

Total time spent in DPCs (%) 0.234287

DPC count (execution time <250 µs): 20496

DPC count (execution time 250-500 µs): 0

DPC count (execution time 500-999 µs): 21

DPC count (execution time 1000-1999 µs): 1

DPC count (execution time 2000-3999 µs): 0

DPC count (execution time >=4000 µs): 0

_________________________________________________________________________________________________________

REPORTED HARD PAGEFAULTS

_________________________________________________________________________________________________________

Process with highest pagefault count: wuauclt.exe

Total number of hard pagefaults 541

Hard pagefault count of hardest hit process: 210

Number of processes hit: 15

_________________________________________________________________________________________________________

PER CPU DATA

_________________________________________________________________________________________________________

CPU 0 Interrupt cycle time (s): 0.751367

CPU 0 ISR highest execution time (µs): 145.486164

CPU 0 ISR total execution time (s): 0.073693

CPU 0 ISR count: 2852

CPU 0 DPC highest execution time (µs): 1315.893130

CPU 0 DPC total execution time (s): 0.232607

CPU 0 DPC count: 19254

_________________________________________________________________________________________________________

CPU 1 Interrupt cycle time (s): 0.143491

CPU 1 ISR highest execution time (µs): 6.577767

CPU 1 ISR total execution time (s): 0.000007

CPU 1 ISR count: 1

CPU 1 DPC highest execution time (µs): 292.614504

CPU 1 DPC total execution time (s): 0.015234

CPU 1 DPC count: 761

_________________________________________________________________________________________________________

CPU 2 Interrupt cycle time (s): 0.104409

CPU 2 ISR highest execution time (µs): 1.401718

CPU 2 ISR total execution time (s): 0.000001

CPU 2 ISR count: 1

CPU 2 DPC highest execution time (µs): 131.462309

CPU 2 DPC total execution time (s): 0.004233

CPU 2 DPC count: 298

_________________________________________________________________________________________________________

CPU 3 Interrupt cycle time (s): 0.085085

CPU 3 ISR highest execution time (µs): 0.0

CPU 3 ISR total execution time (s): 0.0

CPU 3 ISR count: 0

CPU 3 DPC highest execution time (µs): 299.087786

CPU 3 DPC total execution time (s): 0.003890

CPU 3 DPC count: 205

_________________________________________________________________________________________________________

Process:

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer

System Idle Process 55.64 52 K 8 K 0

SetupHost.exe 24.02 9,816 K 19,892 K 8112 Modern Setup Host Microsoft Corporation (Verified) Microsoft Windows

CarboniteService.exe 8.00 18,724 K 57,276 K 3680 Carbonite Secure Backup Engine Carbonite, Inc. (www.carbonite.com) (Verified) Carbonite

procexp64.exe 4.97 34,112 K 75,900 K 12276 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

AvastSvc.exe 2.66 128,924 K 57,560 K 2888 Avast Service AVAST Software (Verified) AVAST Software s.r.o.

Interrupts 1.80 0 K 0 K n/a Hardware Interrupts and DPCs

System 0.81 248 K 7,268 K 4

dwm.exe 0.68 24,448 K 38,320 K 892 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows

explorer.exe 0.36 43,616 K 98,980 K 7500 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows

csrss.exe 0.30 2,760 K 5,116 K 704 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher

chrome.exe 0.13 81,540 K 122,636 K 8500 Google Chrome Google Inc. (Verified) Google Inc

AvastUI.exe 0.12 20,752 K 21,320 K 9092 Avast Antivirus AVAST Software (Verified) AVAST Software s.r.o.

CarboniteUI.exe 0.11 12,268 K 34,472 K 10088 Carbonite User Interface Carbonite, Inc. (Verified) Carbonite

TabTip.exe 0.09 3,788 K 15,196 K 8492 Touch Keyboard and Handwriting Panel Microsoft Corporation (Verified) Microsoft Windows

chrome.exe 0.06 38,036 K 53,496 K 9568 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 0.06 123,976 K 190,148 K 6704 Google Chrome Google Inc. (Verified) Google Inc

svchost.exe 0.04 66,336 K 74,580 K 1880 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

googledrivesync.exe 0.03 62,196 K 77,784 K 9260 Google Drive Google (Verified) Google Inc

svchost.exe 0.03 1,456 K 5,280 K 4364 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

Panda_URL_Filteringb.exe 0.03 8,276 K 15,948 K 3828 Anti-phishing Domain Advisor (Powered by Panda Security) Visicom Media Inc. (Verified) Visicom Media Inc.

chrome.exe 0.01 32,756 K 46,420 K 10096 Google Chrome Google Inc. (Verified) Google Inc

iCloudPhotos.exe 0.01 25,564 K 46,564 K 4132 iCloud Photo Library Apple Inc. (Verified) Apple Inc.

svchost.exe 0.01 6,928 K 16,836 K 1324 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

HPNetworkCommunicatorCom.exe 0.01 3,076 K 12,064 K 9624 HPNetworkCommunicatorCom Hewlett-Packard Co. (Verified) Hewlett Packard

AppleMobileDeviceService.exe < 0.01 3,992 K 14,044 K 3608 MobileDeviceService Apple Inc. (Verified) Apple Inc.

SynTPEnh.exe < 0.01 6,656 K 23,700 K 7672 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated

officeclicktorun.exe < 0.01 9,044 K 16,544 K 3688 Microsoft Office Click-to-Run Microsoft Corporation (Verified) Microsoft Corporation

Memory Compression < 0.01 120 K 27,156 K 1972

TouchpointAnalyticsClientService.exe < 0.01 41,220 K 44,880 K 6176 HP Touchpoint Analytics Client Service HP Inc. (Verified) HP Inc.

PhotoshopElementsFileAgent.exe < 0.01 2,564 K 1,444 K 5972 Adobe Photoshop Elements 13.0 (component) Adobe Systems Incorporated (Verified) Adobe Systems Incorporated

svchost.exe < 0.01 2,524 K 11,392 K 2636 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

wuauclt.exe 8,904 K 19,220 K 5976 Windows Update Microsoft Corporation (Verified) Microsoft Windows

WmiPrvSE.exe 2,440 K 8,804 K 12164 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows

WmiPrvSE.exe 3,248 K 9,356 K 6488 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows

winlogon.exe 2,424 K 9,900 K 828 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows

wininit.exe 1,612 K 6,264 K 684 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows Publisher

WindowsUpdateBox.exe 2,104 K 6,680 K 1204 Windows 10 Setup Microsoft Corporation (Verified) Microsoft Windows

unsecapp.exe 1,868 K 7,052 K 6032 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows

taskhostw.exe 5,308 K 12,264 K 3848 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows

TabTip32.exe 1,384 K 4,956 K 8552 Touch Keyboard and Handwriting Panel Helper Microsoft Corporation (Verified) Microsoft Windows

SynTPHelper.exe 1,016 K 4,648 K 8088 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Synaptics Incorporated

SynTPEnhService.exe 1,288 K 4,948 K 3908 64-bit Synaptics Pointing Enhance Service Synaptics Incorporated (Verified) Synaptics Incorporated

svchost.exe 2,412 K 7,396 K 524 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 5,288 K 15,812 K 3000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,868 K 11,892 K 1664 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 9,196 K 17,316 K 3704 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 5,924 K 11,728 K 344 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 10,852 K 26,936 K 976 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 6,392 K 21,404 K 3224 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 5,560 K 23,488 K 5544 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,368 K 10,520 K 2228 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,300 K 11,664 K 5180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 17,060 K 18,928 K 1308 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 12,324 K 22,348 K 1136 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,052 K 7,772 K 3260 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,896 K 11,252 K 2148 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,384 K 8,836 K 3820 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,676 K 6,332 K 2020 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,348 K 14,060 K 2580 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,396 K 9,480 K 1760 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,676 K 20,152 K 3940 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 9,480 K 30,912 K 3056 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,760 K 7,576 K 9476 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,404 K 8,728 K 1440 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,384 K 7,112 K 2860 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 15,356 K 19,928 K 2564 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,372 K 9,616 K 4620 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,120 K 12,232 K 1356 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,356 K 7,268 K 1584 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 7,052 K 26,568 K 5504 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 9,428 K 18,524 K 3712 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 8,548 K 25,764 K 3696 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,840 K 12,172 K 3660 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 6,892 K 16,004 K 1172 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 988 K 3,652 K 940 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 32,508 K 47,892 K 4612 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,372 K 13,892 K 1692 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,164 K 6,832 K 3852 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,420 K 14,680 K 5988 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,052 K 11,044 K 1116 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,696 K 6,704 K 5112 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 5,164 K 9,028 K 1448 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,852 K 6,264 K 2572 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,676 K 11,512 K 3872 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,240 K 7,584 K 1892 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,604 K 9,560 K 5824 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,748 K 12,928 K 3468 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,780 K 10,564 K 1236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,412 K 5,600 K 1900 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,640 K 6,424 K 3932 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,636 K 10,900 K 1068 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,976 K 8,000 K 8100 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,452 K 6,140 K 7892 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,904 K 7,848 K 1296 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,164 K 10,584 K 3596 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,340 K 9,556 K 1060 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,124 K 6,620 K 1388 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 5,488 K 8,816 K 1864 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,340 K 9,124 K 1988 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,072 K 7,764 K 2008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,236 K 7,116 K 3792 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,672 K 6,388 K 3840 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,864 K 10,984 K 3888 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,392 K 5,440 K 3924 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,496 K 5,312 K 4796 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,816 K 6,724 K 4020 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,164 K 8,636 K 4100 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,340 K 10,136 K 5796 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,976 K 5,924 K 7324 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,832 K 10,964 K 9480 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,776 K 6,564 K 8980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

sppsvc.exe 3,500 K 11,536 K 11504 Microsoft Software Protection Platform Service Microsoft Corporation (Verified) Microsoft Windows

spoolsv.exe 7,856 K 19,844 K 3216 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows

smss.exe 604 K 1,220 K 408 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows Publisher

smartscreen.exe 14,456 K 20,300 K 8396 Windows Defender SmartScreen Microsoft Corporation (Verified) Microsoft Windows

sihost.exe 5,372 K 22,228 K 5552 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows

ShellExperienceHost.exe Suspended 28,932 K 63,344 K 7436 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows

SetPoint.exe 7,424 K 26,860 K 3052 Logitech SetPoint Event Manager (UNICODE) Logitech, Inc. (Verified) Logitech Inc

services.exe 6,248 K 10,788 K 744 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Publisher

SecurityHealthService.exe 4,492 K 16,112 K 3860 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher

secd.exe 7,656 K 25,860 K 8652 Apple Security Manager Apple, Inc. (Verified) Apple Inc.

SearchUI.exe Suspended 97,028 K 156,676 K 6232 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows

SearchIndexer.exe 30,652 K 25,508 K 6708 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows

RuntimeBroker.exe 8,008 K 20,752 K 7912 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows

RuntimeBroker.exe 1,972 K 6,612 K 8852 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows

RuntimeBroker.exe 7,928 K 28,076 K 9024 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows

RuntimeBroker.exe 5,328 K 18,928 K 2244 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows

rundll32.exe 5,296 K 17,736 K 7600 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows

RemindersServer.exe Suspended 8,628 K 19,620 K 8228 Reminders WinRT OOP Server Microsoft Corporation (Verified) Microsoft Windows

procexp.exe 3,452 K 10,960 K 12232 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

OneDrive.exe 14,872 K 44,652 K 6560 Microsoft OneDrive Microsoft Corporation (Verified) Microsoft Corporation

MSASCuiL.exe 1,960 K 9,496 K 6780 Windows Defender notification icon Microsoft Corporation (Verified) Microsoft Windows

mDNSResponder.exe 1,840 K 6,384 K 3640 Bonjour Service Apple Inc. (Verified) Apple Inc.

lsass.exe 7,136 K 16,500 K 764 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher

KHALMNPR.exe 3,708 K 11,432 K 6844 Logitech KHAL Main Process Logitech, Inc. (Verified) Logitech

iCloudServices.exe 24,360 K 54,624 K 6324 iCloud Services Apple Inc. (Verified) Apple Inc.

iCloudDrive.exe 12,228 K 32,200 K 8252 iCloud Drive Apple Inc. (Verified) Apple Inc.

HPWMISVC.exe 1,796 K 8,024 K 3724 HP WMI Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company

HPSupportSolutionsFrameworkService.exe 37,064 K 48,100 K 3424 HP Support Solutions Framework Service HP Inc. (Verified) HP Inc.

hpqwmiex.exe 1,972 K 9,208 K 10196 HP Software Framework WMI Service Hewlett-Packard Company (Verified) Hewlett-Packard Company

HPMSGSVC.exe 1,728 K 8,204 K 10052 HP Message Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company

HP3DDGService.exe 648 K 2,692 K 2492 HP3DDGService HP (Verified) HP Inc.

googledrivesync.exe 1,052 K 5,020 K 6308 Google Drive Google (Verified) Google Inc

GoogleCrashHandler64.exe 1,664 K 304 K 6200 Google Crash Handler Google Inc. (Verified) Google Inc

GoogleCrashHandler.exe 1,728 K 492 K 4808 Google Crash Handler Google Inc. (Verified) Google Inc

Fuel.Service.exe 1,836 K 7,684 K 3588 AMD Fuel Service Advanced Micro Devices, Inc. (No signature was present in the subject) Advanced Micro Devices, Inc.

fontdrvhost.exe 2,872 K 5,340 K 952 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows

fontdrvhost.exe 1,600 K 3,576 K 960 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows

dllhost.exe 3,728 K 10,624 K 10416 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows

dllhost.exe 2,116 K 9,852 K 3064 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows

dgnsvc.exe 1,808 K 7,404 K 3668 Dragon NaturallySpeaking Service Nuance Communications, Inc. (Verified) Nuance Communications

dasHost.exe 5,740 K 15,892 K 1552 Device Association Framework Provider Host Microsoft Corporation (Verified) Microsoft Windows

ctfmon.exe 3,056 K 13,460 K 8452 CTF Loader Microsoft Corporation (Verified) Microsoft Windows

csrss.exe 1,984 K 5,160 K 584 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher

CoolSense.exe 2,584 K 11,352 K 9636 HP CoolSense Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company

chrome.exe 26,688 K 40,052 K 9532 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 52,488 K 67,976 K 9560 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 23,232 K 23,000 K 9436 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 21,548 K 31,852 K 9548 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 35,888 K 51,004 K 9188 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 60,696 K 67,388 K 10208 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 13,488 K 21,088 K 7652 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 2,352 K 9,056 K 9240 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 2,284 K 9,600 K 9316 Google Chrome Google Inc. (Verified) Google Inc

atiesrxx.exe 1,600 K 5,728 K 1544 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher

atieclxx.exe 2,636 K 9,696 K 1840 AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher

armsvc.exe 1,588 K 6,648 K 3576 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems

APSDaemon.exe 5,288 K 16,820 K 7960 Apple Push Apple Inc. (Verified) Apple Inc.

ApplePhotoStreams.exe 10,608 K 33,168 K 8260 iCloud Photo Stream Apple Inc. (Verified) Apple Inc.

#14
RKinner

Posted 08 July 2018 - 09:03 AM

Malware Expert

Expert
24,623 posts

Looks like windows update is up to something right now. I'd give it an hour then reboot and try both logs again.

#15
SumMom

Posted 08 July 2018 - 12:25 PM

Member

Topic Starter
Member
69 posts

Do you really live on Orcas Island!?! My husband and I have visited Victoria, BC for four years now. As we fly over that area I always wonder about the folks who live there.

Latency Monitor report:

_________________________________________________________________________________________________________

CONCLUSION

_________________________________________________________________________________________________________

LatencyMon has been analyzing your system for 0:00:27 (h:mm:ss) on all processors.

_________________________________________________________________________________________________________

SYSTEM INFORMATION

_________________________________________________________________________________________________________

Computer name: PC

OS version: Windows 10 , 10.0, build: 16299 (x64)

Hardware: HP ENVY TS m6 Sleekbook, Hewlett-Packard, 1995

CPU: AuthenticAMD AMD A10-5745M APU with Radeon™ HD Graphics

Logical processors: 4

Processor groups: 1

RAM: 5336 MB total

_________________________________________________________________________________________________________

CPU SPEED

_________________________________________________________________________________________________________

Reported CPU speed: 2096 MHz

_________________________________________________________________________________________________________

MEASURED INTERRUPT TO USER PROCESS LATENCIES

_________________________________________________________________________________________________________

Highest measured interrupt to process latency (µs): 1172.470968

Average measured interrupt to process latency (µs): 15.507250

Highest measured interrupt to DPC latency (µs): 1162.211847

Average measured interrupt to DPC latency (µs): 5.966591

_________________________________________________________________________________________________________

REPORTED ISRs

_________________________________________________________________________________________________________

Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.

Highest ISR routine execution time (µs): 74.934160

Driver with highest ISR routine execution time: storport.sys - Microsoft Storage Port Driver, Microsoft Corporation

Highest reported total ISR routine time (%): 0.019798

Driver with highest ISR total time: storport.sys - Microsoft Storage Port Driver, Microsoft Corporation

Total time spent in ISRs (%) 0.023743

ISR count (execution time <250 µs): 2741

ISR count (execution time 250-500 µs): 0

ISR count (execution time 500-999 µs): 0

ISR count (execution time 1000-1999 µs): 0

ISR count (execution time 2000-3999 µs): 0

ISR count (execution time >=4000 µs): 0

_________________________________________________________________________________________________________

REPORTED DPCs

_________________________________________________________________________________________________________

DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.

Highest DPC routine execution time (µs): 1129.590172

Driver with highest DPC routine execution time: ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation

Highest reported total DPC routine time (%): 0.153783

Driver with highest DPC total execution time: ntoskrnl.exe - NT Kernel & System, Microsoft Corporation

Total time spent in DPCs (%) 0.405660

DPC count (execution time <250 µs): 62139

DPC count (execution time 250-500 µs): 0

DPC count (execution time 500-999 µs): 14

DPC count (execution time 1000-1999 µs): 1

DPC count (execution time 2000-3999 µs): 0

DPC count (execution time >=4000 µs): 0

_________________________________________________________________________________________________________

REPORTED HARD PAGEFAULTS

_________________________________________________________________________________________________________

Process with highest pagefault count: dismhost.exe

Total number of hard pagefaults 946

Hard pagefault count of hardest hit process: 685

Number of processes hit: 10

_________________________________________________________________________________________________________

PER CPU DATA

_________________________________________________________________________________________________________

CPU 0 Interrupt cycle time (s): 0.996760

CPU 0 ISR highest execution time (µs): 74.934160

CPU 0 ISR total execution time (s): 0.025662

CPU 0 ISR count: 2738

CPU 0 DPC highest execution time (µs): 1129.590172

CPU 0 DPC total execution time (s): 0.313860

CPU 0 DPC count: 32717

_________________________________________________________________________________________________________

CPU 1 Interrupt cycle time (s): 0.270915

CPU 1 ISR highest execution time (µs): 0.0

CPU 1 ISR total execution time (s): 0.0

CPU 1 ISR count: 0

CPU 1 DPC highest execution time (µs): 289.865935

CPU 1 DPC total execution time (s): 0.062522

CPU 1 DPC count: 14566

_________________________________________________________________________________________________________

CPU 2 Interrupt cycle time (s): 0.261147

CPU 2 ISR highest execution time (µs): 5.208969

CPU 2 ISR total execution time (s): 0.000010

CPU 2 ISR count: 3

CPU 2 DPC highest execution time (µs): 245.193702

CPU 2 DPC total execution time (s): 0.039379

CPU 2 DPC count: 9323

_________________________________________________________________________________________________________

CPU 3 Interrupt cycle time (s): 0.186159

CPU 3 ISR highest execution time (µs): 0.0

CPU 3 ISR total execution time (s): 0.0

CPU 3 ISR count: 0

CPU 3 DPC highest execution time (µs): 81.632156

CPU 3 DPC total execution time (s): 0.022855

CPU 3 DPC count: 5548

_________________________________________________________________________________________________________

Process Explorer report:

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer

System Idle Process 46.20 52 K 8 K 0

chrome.exe 20.70 41,432 K 52,684 K 6208 Google Chrome Google Inc. (Verified) Google Inc

DismHost.exe 7.12 109,184 K 56,480 K 9396

chrome.exe 6.94 182,816 K 207,152 K 6704 Google Chrome Google Inc. (Verified) Google Inc

procexp64.exe 5.40 30,276 K 70,000 K 11036 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

CarboniteService.exe 3.36 35,932 K 32,408 K 3680 Carbonite Secure Backup Engine Carbonite, Inc. (www.carbonite.com) (Verified) Carbonite

System 2.04 248 K 7,456 K 4

Interrupts 1.66 0 K 0 K n/a Hardware Interrupts and DPCs

AvastSvc.exe 1.03 105,924 K 52,552 K 2888 Avast Service AVAST Software (Verified) AVAST Software s.r.o.

dwm.exe 0.81 25,712 K 34,972 K 892

chrome.exe 0.73 83,272 K 86,776 K 9568 Google Chrome Google Inc. (Verified) Google Inc

csrss.exe 0.58 2,768 K 4,784 K 704

svchost.exe 0.56 76,084 K 79,760 K 1880 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

AvastUI.exe 0.49 31,264 K 54,620 K 9092 Avast Antivirus AVAST Software (Verified) AVAST Software s.r.o.

chrome.exe 0.32 22,360 K 36,464 K 6856 Google Chrome Google Inc. (Verified) Google Inc

TabTip.exe 0.31 3,884 K 14,212 K 8492

explorer.exe 0.23 50,264 K 105,404 K 7500 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows

HPMSGSVC.exe 0.19 1,508 K 7,584 K 10052 HP Message Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company

svchost.exe 0.19 15,576 K 11,128 K 2564 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

rundll32.exe 0.17 5,472 K 16,188 K 7600 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows

chrome.exe 0.16 82,660 K 130,524 K 8828 Google Chrome Google Inc. (Verified) Google Inc

Panda_URL_Filteringb.exe 0.15 10,088 K 14,428 K 3828 Anti-phishing Domain Advisor (Powered by Panda Security) Visicom Media Inc. (Verified) Visicom Media Inc.

spoolsv.exe 0.13 7,636 K 15,836 K 3216 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows

CarboniteUI.exe 0.13 22,808 K 41,656 K 10088 Carbonite User Interface Carbonite, Inc. (Verified) Carbonite

HPNetworkCommunicatorCom.exe 0.08 3,560 K 12,872 K 11984 HPNetworkCommunicatorCom Hewlett-Packard Co. (Verified) Hewlett Packard

chrome.exe 0.08 152,060 K 182,512 K 2124 Google Chrome Google Inc. (Verified) Google Inc

SearchIndexer.exe 0.04 24,204 K 16,368 K 6912 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 0.04 6,808 K 11,752 K 344 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

googledrivesync.exe 0.03 61,904 K 22,244 K 9260 Google Drive Google (Verified) Google Inc

chrome.exe 0.03 33,172 K 50,140 K 5148 Google Chrome Google Inc. (Verified) Google Inc

svchost.exe 0.02 6,888 K 15,188 K 1324 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

iCloudPhotos.exe 0.01 26,864 K 35,724 K 4132 iCloud Photo Library Apple Inc. (Verified) Apple Inc.

svchost.exe 0.01 26,544 K 35,336 K 4612 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

SetupHost.exe 0.01 227,568 K 12,344 K 8112

OneDrive.exe 0.01 14,632 K 42,092 K 6560 Microsoft OneDrive Microsoft Corporation (Verified) Microsoft Corporation

Memory Compression 0.01 840 K 158,092 K 1972

iCloudServices.exe 0.01 25,152 K 46,948 K 6324 iCloud Services Apple Inc. (Verified) Apple Inc.

AppleMobileDeviceService.exe < 0.01 4,992 K 13,572 K 3608 MobileDeviceService Apple Inc. (Verified) Apple Inc.

wuauclt.exe < 0.01 8,880 K 13,424 K 5976

TouchpointAnalyticsClientService.exe < 0.01 40,228 K 38,352 K 6176 HP Touchpoint Analytics Client Service HP Inc. (Verified) HP Inc.

officeclicktorun.exe < 0.01 11,908 K 21,112 K 3688 Microsoft Office Click-to-Run Microsoft Corporation (Verified) Microsoft Corporation

csrss.exe < 0.01 2,020 K 4,788 K 584

SynTPEnh.exe < 0.01 6,616 K 19,900 K 7672 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated

svchost.exe < 0.01 12,012 K 11,548 K 1308 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe < 0.01 5,304 K 17,444 K 5544 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe < 0.01 6,360 K 19,936 K 3224 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

PhotoshopElementsFileAgent.exe < 0.01 2,508 K 828 K 5972 Adobe Photoshop Elements 13.0 (component) Adobe Systems Incorporated (Verified) Adobe Systems Incorporated

WmiPrvSE.exe 2,424 K 8,624 K 6488

winlogon.exe 2,452 K 9,244 K 828

wininit.exe 1,300 K 5,276 K 684

WindowsUpdateBox.exe 1,988 K 5,084 K 1204

wimserv.exe 37,368 K 0 K 11972

vds.exe 2,356 K 8,908 K 7140 Virtual Disk Service Microsoft Corporation (Verified) Microsoft Windows

unsecapp.exe 1,832 K 5,780 K 6032

taskhostw.exe 5,240 K 12,948 K 3848 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows

TabTip32.exe 1,312 K 4,376 K 8552

SynTPHelper.exe 1,016 K 4,076 K 8088

SynTPEnhService.exe 1,176 K 4,016 K 3908 64-bit Synaptics Pointing Enhance Service Synaptics Incorporated (Verified) Synaptics Incorporated

svchost.exe 5,104 K 12,860 K 3000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 12,156 K 14,752 K 1136 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,860 K 12,476 K 2580 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,124 K 8,592 K 1760 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,420 K 17,792 K 3940 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 8,028 K 15,952 K 3712 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 25,204 K 31,580 K 3704 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,760 K 11,760 K 2228 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 10,480 K 25,232 K 976 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,264 K 6,772 K 1584 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 9,024 K 24,504 K 3696 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,396 K 10,496 K 1356 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,932 K 8,528 K 4620 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,168 K 11,084 K 5180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,452 K 10,728 K 1664 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,404 K 8,404 K 3820 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,064 K 7,384 K 3260 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,900 K 11,264 K 2148 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,328 K 6,760 K 524 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,028 K 6,800 K 2860 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,632 K 6,076 K 2020 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,360 K 5,192 K 1900 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,856 K 7,036 K 1892 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,812 K 13,000 K 2636 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,888 K 12,464 K 3660 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 6,168 K 14,768 K 1172 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,060 K 12,296 K 5988 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,716 K 9,948 K 1236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,760 K 9,296 K 5824 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,128 K 6,260 K 3852 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 4,112 K 8,068 K 3596 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,296 K 13,800 K 1692 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,784 K 5,704 K 2572 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 988 K 3,288 K 940 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,172 K 8,236 K 1060 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,532 K 10,132 K 1068 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,860 K 10,228 K 1116 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,792 K 7,448 K 1296 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,928 K 5,776 K 1388 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,248 K 8,116 K 1440 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 5,180 K 5,988 K 1448 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,668 K 6,940 K 1864 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,288 K 8,456 K 1988 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,916 K 6,768 K 2008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,832 K 6,036 K 3792 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,620 K 5,688 K 3840 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,788 K 9,800 K 3888 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,336 K 4,868 K 3924 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,816 K 6,540 K 3932 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,444 K 10,668 K 3468 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,352 K 4,720 K 4364 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,412 K 4,736 K 4796 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,700 K 6,392 K 5112 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,764 K 5,904 K 4020 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,056 K 7,632 K 4100 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,308 K 9,176 K 5796 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,476 K 10,472 K 3872 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 7,036 K 25,300 K 5504 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 2,652 K 5,312 K 7324 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,460 K 5,932 K 7892 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 3,900 K 7,388 K 8100 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 8,076 K 21,836 K 3056 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

svchost.exe 1,944 K 9,456 K 8804 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher

smss.exe 536 K 916 K 408

smartscreen.exe 9,568 K 15,592 K 9048 Windows Defender SmartScreen Microsoft Corporation (Verified) Microsoft Windows

sihost.exe 5,532 K 21,996 K 5552 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows

ShellExperienceHost.exe Suspended 28,932 K 43,932 K 7436 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows

SetPoint.exe 7,308 K 17,968 K 3052 Logitech SetPoint Event Manager (UNICODE) Logitech, Inc. (Verified) Logitech Inc

services.exe 5,180 K 8,708 K 744

SecurityHealthService.exe 4,776 K 14,576 K 3860 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher

secd.exe 7,100 K 21,456 K 8652 Apple Security Manager Apple, Inc. (Verified) Apple Inc.

SearchUI.exe Suspended 97,108 K 71,088 K 6232 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows

RuntimeBroker.exe 7,496 K 19,644 K 7912 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows

RuntimeBroker.exe 7,220 K 25,164 K 9024 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows

RuntimeBroker.exe 1,632 K 5,784 K 8852 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows

RuntimeBroker.exe 5,140 K 16,612 K 2244 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows

RemindersServer.exe Suspended 8,912 K 16,488 K 8228 Reminders WinRT OOP Server Microsoft Corporation (Verified) Microsoft Windows

procexp.exe 3,380 K 11,032 K 3200 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

msdtc.exe 2,948 K 7,960 K 9296 Microsoft Distributed Transaction Coordinator Service Microsoft Corporation (Verified) Microsoft Windows

MSASCuiL.exe 1,956 K 8,988 K 6780 Windows Defender notification icon Microsoft Corporation (Verified) Microsoft Windows

mDNSResponder.exe 1,724 K 5,376 K 3640 Bonjour Service Apple Inc. (Verified) Apple Inc.

lsass.exe 7,060 K 13,956 K 764 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher

KHALMNPR.exe 3,660 K 10,092 K 6844 Logitech KHAL Main Process Logitech, Inc. (Verified) Logitech

iCloudDrive.exe 12,344 K 25,436 K 8252 iCloud Drive Apple Inc. (Verified) Apple Inc.

HPWMISVC.exe 1,508 K 6,872 K 3724 HP WMI Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company

HPSupportSolutionsFrameworkService.exe 36,316 K 33,036 K 3424 HP Support Solutions Framework Service HP Inc. (Verified) HP Inc.

hpqwmiex.exe 1,832 K 8,496 K 10196 HP Software Framework WMI Service Hewlett-Packard Company (Verified) Hewlett-Packard Company

HP3DDGService.exe 616 K 2,304 K 2492 HP3DDGService HP (Verified) HP Inc.

googledrivesync.exe 1,052 K 4,420 K 6308 Google Drive Google (Verified) Google Inc

GoogleCrashHandler64.exe 1,596 K 4 K 6200

GoogleCrashHandler.exe 1,584 K 4 K 4808

Fuel.Service.exe 1,712 K 6,372 K 3588 AMD Fuel Service Advanced Micro Devices, Inc. (No signature was present in the subject) Advanced Micro Devices, Inc.

fontdrvhost.exe 2,852 K 4,704 K 952

fontdrvhost.exe 1,572 K 2,640 K 960

dllhost.exe 1,696 K 7,124 K 10520 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows

dllhost.exe 4,064 K 10,392 K 4472 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows

dllhost.exe 2,364 K 8,844 K 3064 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows

dllhost.exe 3,352 K 9,404 K 10416

dgnsvc.exe 1,456 K 6,508 K 3668 Dragon NaturallySpeaking Service Nuance Communications, Inc. (Verified) Nuance Communications

dasHost.exe 5,600 K 14,396 K 1552

ctfmon.exe 3,012 K 12,580 K 8452

CoolSense.exe 2,300 K 10,344 K 9636 HP CoolSense Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company

chrome.exe 41,272 K 55,532 K 7152 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 30,024 K 25,372 K 9436 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 60,756 K 71,556 K 1164 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 32,072 K 37,932 K 9532 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 30,908 K 43,992 K 10552 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 13,644 K 23,456 K 11620 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 77,240 K 77,496 K 9560 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 22,144 K 22,932 K 9548 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 2,376 K 8,244 K 9240 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 2,216 K 8,472 K 9316 Google Chrome Google Inc. (Verified) Google Inc

atiesrxx.exe 1,516 K 4,536 K 1544 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher

atieclxx.exe 2,384 K 8,536 K 1840

armsvc.exe 1,296 K 5,700 K 3576 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems

APSDaemon.exe 4,668 K 14,608 K 7960 Apple Push Apple Inc. (Verified) Apple Inc.

ApplePhotoStreams.exe 10,372 K 26,108 K 8260 iCloud Photo Stream Apple Inc. (Verified) Apple Inc.

Thanks Ron!

Back to Virus, Spyware, Malware Removal · Next Unread Topic →

As Featured On:

Geeks to Go Forum 343,321 topics
Quick Links FAQ Malware Cleaning Guide How it Works
Downloads 2+ million

View New Content

Intermittent wifi issues and slow computer

#1
SumMom

Posted 04 July 2018 - 08:41 AM

Advertisements

#2
RKinner

Posted 04 July 2018 - 10:37 AM

#3
SumMom

Posted 04 July 2018 - 12:27 PM

#4
RKinner

Posted 04 July 2018 - 01:56 PM

#5
SumMom

Posted 04 July 2018 - 02:20 PM

Attached Files

#6
RKinner

Posted 04 July 2018 - 04:39 PM

#7
SumMom

Posted 05 July 2018 - 03:08 PM

Attached Files

#8
RKinner

Posted 05 July 2018 - 05:07 PM

#9
SumMom

Posted 07 July 2018 - 11:00 AM

#10
RKinner

Posted 07 July 2018 - 02:01 PM

Advertisements

#11
SumMom

Posted 07 July 2018 - 04:01 PM

#12
RKinner

Posted 07 July 2018 - 05:25 PM

#13
SumMom

Posted 08 July 2018 - 08:10 AM

#14
RKinner

Posted 08 July 2018 - 09:03 AM

#15
SumMom

Posted 08 July 2018 - 12:25 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Intermittent wifi issues and slow computer

#1 SumMom Posted 04 July 2018 - 08:41 AM

Advertisements

#2 RKinner Posted 04 July 2018 - 10:37 AM

#3 SumMom Posted 04 July 2018 - 12:27 PM

#4 RKinner Posted 04 July 2018 - 01:56 PM

#5 SumMom Posted 04 July 2018 - 02:20 PM

Attached Files

#6 RKinner Posted 04 July 2018 - 04:39 PM

#7 SumMom Posted 05 July 2018 - 03:08 PM

Attached Files

#8 RKinner Posted 05 July 2018 - 05:07 PM

#9 SumMom Posted 07 July 2018 - 11:00 AM

#10 RKinner Posted 07 July 2018 - 02:01 PM

Advertisements

#11 SumMom Posted 07 July 2018 - 04:01 PM

#12 RKinner Posted 07 July 2018 - 05:25 PM

#13 SumMom Posted 08 July 2018 - 08:10 AM

#14 RKinner Posted 08 July 2018 - 09:03 AM

#15 SumMom Posted 08 July 2018 - 12:25 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Sign In

#1
SumMom

Posted 04 July 2018 - 08:41 AM

#2
RKinner

Posted 04 July 2018 - 10:37 AM

#3
SumMom

Posted 04 July 2018 - 12:27 PM

#4
RKinner

Posted 04 July 2018 - 01:56 PM

#5
SumMom

Posted 04 July 2018 - 02:20 PM

#6
RKinner

Posted 04 July 2018 - 04:39 PM

#7
SumMom

Posted 05 July 2018 - 03:08 PM

#8
RKinner

Posted 05 July 2018 - 05:07 PM

#9
SumMom

Posted 07 July 2018 - 11:00 AM

#10
RKinner

Posted 07 July 2018 - 02:01 PM

#11
SumMom

Posted 07 July 2018 - 04:01 PM

#12
RKinner

Posted 07 July 2018 - 05:25 PM

#13
SumMom

Posted 08 July 2018 - 08:10 AM

#14
RKinner

Posted 08 July 2018 - 09:03 AM

#15
SumMom

Posted 08 July 2018 - 12:25 PM